(SOL11930) Cross-site request forgery (CSRF) is an attack method that exploits a pre-existing relationship of trust and forces a user to run unwanted actions on a web application in which the user is currently authenticated. Beginning in 10.2.0, you can enable CSRF protection in a BIG-IP ASM security policy.
CSRT Token Injection
CSRF Violations
Requirements for CSRF Protection
Supplemental Information
CSRT Token Injection
When the CSRF Protection feature is enabled, the system inserts custom JavaScript
↧