CSRFDetector

This plugin detects and prevents CSRF(Cross Site Request Forgery) attacks.

This plugin detects CSRF attacks by doing the following.

1. Rewrites the HTTP responses. Adds unique "token"s to the each forms in the HTML pages as hidden fields.
2. Checks the HTTP requests. If the valid tokens are not found in the requests, raises alerts and blocks the requests.

This plugin only works with cookie-based session management and Basic authentication.

• Required Settings
• Parameters
• Configuring Database
• Class Name