Jump to content
Welcome to our new Citrix community!
  • 0

CSRF TAG check

Amin Eideh


Greetings Gents,


Been trying to implement the CSRF TAG  check within the Citrix WAF,

However it results in a huge number of violations, with most of them being false positives.


The thing here is, as far as my understanding goes,

The check works as following:


1- Adds sort of token to each form submission

2- Checks if the response still has the same token  unmodified.


How is it possible to generate such a big number of false positives for such a check  mechanism?


Best Regards



Link to comment

1 answer to this question

Recommended Posts

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...