简体繁体中英

php class to protect api from CSRF requests

原文 2019-11-15 06:52:02 7 1 php/ rest/ api/ csrf

I'm looking for a PHP class to protect my RESTful API from CSRF attacks. I have seen many classes for that but all of them are used for normal pages NOT a RESTful API.

1 answers

You write your own. Every response your api sends should have a header which is set to a long alphanumeric string. The next request you receive should contain that header. You can use a simple table for persistance.

OWASP gives a nice example implementation that you could use

PHP - Protect RESTful API requests

Laravel API requests with CSRF token

PHP Safe way to put URL in form to protect against from xss / cross site request forgery CSRF attack

How to protect a class in PHP

protect php script against csrf…without php session (cross site)

How can I protect a class property from extending classes in PHP?

Protect against CSRF attack in PHP for multiple browser tabs

Secure a PHP API with CSRF protection

Protect APIs against CSRF?

How can I protect my php, jquery, ajax requests from hackers?

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question PHP - Protect RESTful API requests Laravel API requests with CSRF token PHP Safe way to put URL in form to protect against from xss / cross site request forgery CSRF attack How to protect a class in PHP protect php script against csrf…without php session (cross site) How can I protect a class property from extending classes in PHP? Protect against CSRF attack in PHP for multiple browser tabs Secure a PHP API with CSRF protection Protect APIs against CSRF? How can I protect my php, jquery, ajax requests from hackers?

Related Tags

php class to protect api from CSRF requests

Question

1 answers

solution1 0 2019-11-15 09:00:32

solution1
0 2019-11-15 09:00:32