OpenSource For You

HDIV against CSRF attacks


How does HDIV respond against CSRF attacks? Its most useful feature against CSRF attacks is that it sends an anti-CSRF token (a long, random, non-repeatable string that changes with every request) to the client, which will be verified in the request. HDIV provides this anti-CSRF token in each form and link of the HTML response, ensuring that it will be sent back in the next request.
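The per-request token flow described above, sketched in plain Java as an added example (not HDIV's code or API): a fresh random token is issued with each response, written into every form and link, and accepted once on the next request. The class, the `_csrf_token` parameter name, the in-memory session map and the sample page are assumptions for illustration; it needs Java 9 or later.

```java
import static java.nio.charset.StandardCharsets.UTF_8;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.concurrent.ConcurrentHashMap;
import java.util.regex.*;

public class PerRequestCsrfToken { // added illustration, not HDIV's own code
    static final String PARAM = "_csrf_token"; // hypothetical parameter name
    private static final SecureRandom RNG = new SecureRandom();
    private static final Pattern FORM = Pattern.compile("(?i)<form\\b[^>]*>");
    private static final Pattern HREF = Pattern.compile("(?i)(<a\\b[^>]*\\bhref=\")([^\"#]*)");
    // sessionId -> token expected on the next request (stand-in for real session state)
    private final ConcurrentHashMap<String, String> expected = new ConcurrentHashMap<>();

    /** Create a fresh 256-bit token for the response being rendered. */
    String issue(String sessionId) {
        byte[] raw = new byte[32];
        RNG.nextBytes(raw);
        String token = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        expected.put(sessionId, token); // replaces the token of the previous response
        return token;
    }

    /** Put the token in every form (hidden field) and every link (query parameter). */
    String rewrite(String html, String token) {
        String hidden = "<input type=\"hidden\" name=\"" + PARAM + "\" value=\"" + token + "\">";
        html = FORM.matcher(html).replaceAll(m -> Matcher.quoteReplacement(m.group() + hidden));
        return HREF.matcher(html).replaceAll(m -> Matcher.quoteReplacement(
            m.group(1) + m.group(2) + (m.group(2).contains("?") ? "&amp;" : "?") + PARAM + "=" + token));
    }

    /** Accept a request only if it carries the expected token; each token works once. */
    boolean verify(String sessionId, String presented) {
        String want = expected.get(sessionId);
        return want != null && presented != null
            && MessageDigest.isEqual(want.getBytes(UTF_8), presented.getBytes(UTF_8)) // constant-time
            && expected.remove(sessionId, want); // consume only on success
    }

    public static void main(String[] args) {
        PerRequestCsrfToken csrf = new PerRequestCsrfToken();
        String constructedPage = "<a href=\"/account?id=7\">Account</a>"
            + "<form method=\"post\" action=\"/transfer\"></form>"; // constructed sample
        String token = csrf.issue("session-1");
        System.out.println(csrf.rewrite(constructedPage, token));
        System.out.println("guessed token accepted:  " + csrf.verify("session-1", "AAAA"));
        System.out.println("genuine token accepted:  " + csrf.verify("session-1", token));
        System.out.println("replayed token accepted: " + csrf.verify("session-1", token));
    }
}
```

A production filter would add the token only to same-site URLs, so that it is not disclosed to other hosts through rewritten links.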

Applying any other Struts validator or any other framework validators can help in solving problems like SQL injection and XSS, but will not solve parameter tampering and CSRF attacks—in other words, they cannot assure integrity of data. Moreover, deploying and configuring validators is wasteful. HDIV provides a much more secure, effective and clean security framework, with an easy one-time installation and configuration.
