AnsweredAssumed Answered

CSRF detection behavior

Question asked by Anthirian on Jun 8, 2015
Latest reply on Jun 11, 2015 by fmc



I understand how QualysGuard WAS tests for the existence of CSRF vulnerabilities in web applications. With one customer's website I'm seeing a lot of false positives and I suspect this is caused due to server misconfiguration. The problem is that currently the server responds with HTTP 200 and a message in the page stating the anti-CSRF token isn't correct. Would it be better to respond with HTTP 400 instead, or maybe another code, to prevent QualysGuard from reporting a CSRF vulnerability?


Kind regards,

Geert Smelt