How to provide protection against Cross Site Request Forgery (CSRF) attacks for an old web application built on Java and struts2 framework

Question

How to provide protection against Cross Site Request Forgery (CSRF) attacks for an old web application built on Java and struts2 framework?

Tried adding filter before servlet, stuck over there

Roman C · Answer 1 · 2023-07-19T13:28:34.360

0

Old application should use a token or tokenSession interceptor.

You can find details in my previous answer: Struts2 token interceptor: CSRF protection.

edited Jul 19 '23 at 13:28

answered Jul 19 '23 at 13:14

Roman C

1 Answers1