  • Stars: 210
  • Rank 181,576 (Top 4 %)
  • Language: PHP
  • License: Other
  • Created about 10 years ago
  • Updated almost 2 years ago

Repository Details

CSRF Protector library: standalone library for CSRF mitigation

CSRF Protector

CSRF Protector PHP is a standalone PHP library for CSRF mitigation in web applications. It is easy to integrate into any PHP web app.

Add to your project using packagist

Add a composer.json file to your project directory

{
   "require": {
       "owasp/csrf-protector-php": "dev-master"
   }
}

Then open a terminal (or command prompt), move to the project directory and run:

composer install

Or, alternatively:

php composer.phar install

This adds CSRFP to your project directory (the library is downloaded to ./vendor/owasp/csrf-protector-php). See packagist.org for more help with composer.

Configuration

  • For composer installations: copy the config.sample.php file into your root folder at config/csrf_config.php
  • For non-composer installations: copy the libs/csrf/config.sample.php file into libs/csrf/config.php
  • Edit the config accordingly. See the Detailed Information link below.

Link to wiki - Editing Configurations & Mandatory requirements before using this library
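An edited config/csrf_config.php for an HTTPS-only site, as an added example that is not the project's shipped sample. Key names and the sample values mentioned in comments are as recalled from the library's config.sample.php and should be confirmed against the file you copied; the host name, paths and message text are constructed placeholders.

```php
<?php
// config/csrf_config.php (added example; confirm every key against the
// config.sample.php you copied before relying on it).
return array(
    // Name used for the token cookie and request parameter.
    // Left empty, as in the sample file, so the library's default applies.
    "CSRFP_TOKEN" => "",

    // Where failed validations are logged. The directory must exist, be
    // writable by PHP, and should not be served by the web server.
    "logDirectory" => "../log",

    // What to do when validation fails, per HTTP method.
    // 0 is the sample file's value (reject the request with 403 Forbidden).
    "failedAuthAction" => array(
        "GET"  => 0,
        "POST" => 0,
    ),

    // Only consulted by the redirect / custom-message failure actions.
    "errorRedirectionPage" => "",
    "customErrorMessage"   => "",

    // Absolute URL at which your site serves the library's csrfprotector.js.
    // Constructed placeholder host; serve the script over HTTPS from your
    // own origin.
    "jsUrl" => "https://app.example.test/js/csrfprotector.js",

    // Token length in characters. The sample file uses 10; a longer token
    // costs nothing and widens the guessing space.
    "tokenLength" => 32,

    "cookieConfig" => array(
        "path"   => "/",
        "domain" => "",
        // FAQ item 2: on an HTTPS-only site, set the Secure flag so the
        // token cookie is never sent over plain HTTP.
        "secure" => true,
        "expire" => "",
    ),

    // Shown to visitors whose browser has JavaScript disabled.
    "disabledJavascriptMessage" => "This site requires JavaScript to protect your requests against CSRF.",

    // URL patterns whose GET requests must also carry a valid token.
    // Empty means only non-GET requests are validated.
    "verifyGetFor" => array(),
);
```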

How to use

<?php
include_once __DIR__ .'/vendor/owasp/csrf-protector-php/libs/csrf/csrfprotector.php';

// Initialise CSRFProtector library
csrfProtector::init();

Simply include the library and call the init() function!

More information

Discussions

Join Discussions at Google Group \ OWASP \ CSRF Protector

For any other queries contact me at: [email protected] | [email protected]

How to contribute?

General steps

  • Fork the repo
  • Create your branch
  • Commit your changes
  • Create a pull request

More?

Well, there are various ways to contribute to this project. Find a few of them listed below:

  • Found a bug? Raise a bug in the issue page. Please make sure it's not a duplicate of an existing issue.
  • Have a feature request? Raise one at the issue page. As mentioned above, please do a basic check that this enhancement does not already exist in the mentioned link.
  • Want to contribute code to this project?
    • The best way to start is by picking up one of the existing issues with the Up For Grab label.
    • Leave a comment that you intend to help on it, then fork, and then send a pull request to the master branch.

FAQ:

  1. What happens if token expires? - https://github.com/mebjas/CSRF-Protector-PHP/wiki/what-if-token-expires
  2. Secure flag in a cookie? - #54
  3. [Deprecated] NoJS support? - https://github.com/mebjas/CSRF-Protector-PHP/tree/nojs-support
