May 2013 Archives

Securing your website against Cross Site Request Forgery Attacks

I was pleasently surprised to find out that there is already a Plack Middleware that improves security against CSRF attacks. And it's very easy to use.

I'll demonstrate with a Catalyst example but any app running with Plack can make use of it.

In your application you simply configure the middleware.
(Note: Plack::Middleware::CSRFBlock depends on Plack::Middleware::Session)

   # lib/
   use Catalyst qw/ EnableMidd…

About davewood

user-pic I like Toast.