ColdFusion - Prevention - Cross-site request forgeries (CSRF)

I'm interested in learning how to prevent Cross-site request forgeries (CSRF) in my ColdFusion 9 application. I found a few tutorials online but none seem to be comprehensive. The best I've found is: http://www.mollerus.net/tom/blog/2009/01/an_easy_block_for_crosssite_request_forgeries_csrf.html But that's not a incredibly comprehensive or clear example.

Any tutorials, examples, or pointers available for preventing CSRF?

Thanks!

Solution

You should take a look at this link. ColdFusion 10 introduced two new functions to deal with CSRF; CSRFGenerateToken() and CSRFVerifyToken().

http://www.learncfinaweek.com/week1/Cross_Site_Request_Forgery__CSRF_/

HTTP Service Request Queues\CurrentQueueSize counter instance name
A ghost deleted my files?
IIS set header with url rewrite for 3xx response
301 Redirect for IIS
IIS 6.0 64-bit: SysInterals Proc Explorer showing 32-bit DLLs loaded?
PowerShell IISAdministration: use of "-Confirm" parameter
ASP. NET Core 8: Error HTTP 500 and returnurl=%2F in the URL
How can I create and test two web apps in two separate application pools on my local machine?
IIS Recompile ASP NET websites
Is it possible to make part of a site on IIS only viewable from localhost?
Why is my javascript bundle so slow to download?
API not starting in IIS After Deployment: Missing .NET Hosting Components?
How exactly are URLs mapped to handlers in IIS 7+
Redirect chain problem in web.config, Windows Server 2020 IIS
How do I enumerate IIS websites using Powershell and find the app pool for each?
Google Firestore Database unable to connect in IIS (Laragon Apache is fine) "Empty address list:" Error :14
Entity Framework Core - Web Deploy is Missing SQL Server Management Object Dependency
PHP ignoring curl.cainfo setting in php.ini (apparently)
How can I change IIS application pool property setProfileEnvironment from Powershell?
How can I use the "Standard Deviation" function in my LogParser queries?
IIS10 SSL Configuration for Multiple Sites and more than one SSL Cert
How to clear the server cache in iis
Getting 'A fatal error occurred while creating a TLS client credential' error when browsing/trying to access the site hosted in IIS 10 WS 2016
.NET Core 3.1 - SAP Connector - Could not load type 'System.ServiceModel.Activation.VirtualPathExtension'
Server Error in '/' Application Access is denied
Docker .net framework application
What do I need to do to make a Docker-hosted local website available through localhost?
Installed SSL certificate in certificate store, but it's not in IIS certificate list
Unable to resolve 500.30 error in simple web application
GCP load balancer 502 server error and "backend_connection_closed_before_data_sent_to_client" IIS 10