views:

524

answers:

1

Cross-site request forgery (CSRF or XSRF) attacks provokes unauthorised actions in your web application by users you believe to be trusted.

That is surely something we would like to prevent, and I am particularly working with Zend Framework. Is there a Zend Framework approach to prevent CSRF/XSRF?

+1  A: 

Yes. Zend_Form_Element_Hash

blockhead
Why didn't you post a link directly to http://www.noginn.com/2009/03/01/preventing-csrf-properly/ ? This some sort of shameless plug?
Mark
He asked about Zend Framework, so I gave him a link to a component from Zend Framework which answers his question!
blockhead
Also this was the first hit I got in google for Zend_Form_Element_Hash
blockhead