OWASP Randomized Header Channel for CSRF Protection
This project proposes a security technique titled “Randomized Header Channel for CSRF Protection”. It introduces unpredictability in CSRF token transmission by rotating between multiple valid headers per request, making attacks like interception, automation, or replay significantly harder.
The idea was originally developed in Spanish and translated into English for community review. The method was designed during the development of a real-world SaaS platform and has practical application in JWT-based systems and modern distributed architectures.
I hope this can be a valuable contribution to the OWASP community, especially in the areas of token-based authentication and request integrity.
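A server-side sketch of the header rotation described above, added here as an illustration and not taken from the project. The header names, the `RotatingCsrfChannel` class, and the choice to have the server tell the client which header to use on its next request are all assumptions; the page does not specify them.

```python
import hmac
import secrets

# Hypothetical header pool; the page does not name the headers it rotates between.
HEADER_POOL = ("X-CSRF-Token", "X-Request-Guard", "X-Client-Proof", "X-Form-Check")


class RotatingCsrfChannel:
    """Issues a single-use CSRF token bound to one randomly chosen header."""

    def __init__(self, key: bytes):
        self._key = key
        self._pending = {}  # session_id -> (header_name, nonce) for the next request

    def _mac(self, session_id: str, header: str, nonce: str) -> str:
        # Bind the token to the session and to the header it must travel in.
        msg = "\n".join((session_id, header.lower(), nonce)).encode()
        return hmac.new(self._key, msg, "sha256").hexdigest()

    def issue(self, session_id: str):
        """Return (header_name, token) the client must use on its next request."""
        header = secrets.choice(HEADER_POOL)
        nonce = secrets.token_urlsafe(16)
        self._pending[session_id] = (header, nonce)
        return header, f"{nonce}.{self._mac(session_id, header, nonce)}"

    def verify(self, session_id: str, request_headers: dict) -> bool:
        """Accept only the expected header, carrying the expected token, once."""
        # Consumed on any attempt, so a captured token cannot be replayed.
        expected = self._pending.pop(session_id, None)
        if expected is None:
            return False
        header, nonce = expected
        sent = {k.lower(): v for k, v in request_headers.items()}
        present = [h for h in HEADER_POOL if h.lower() in sent]
        # Reject a missing token, the wrong channel, or a token sprayed across the pool.
        if present != [header]:
            return False
        want = f"{nonce}.{self._mac(session_id, header, nonce)}"
        return hmac.compare_digest(sent[header.lower()].encode(), want.encode())
```

The server returns the pair from `issue()` with each response, and the client echoes the token in exactly that header on its next state-changing request.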
Road Map
1.- Submit idea for review.
2.- Collect feedback from OWASP community.
3.- Adjust documentation if needed and add implementation examples.
4.- Publish and maintain the project as open security documentation.