من قبل
George El Haddad , Software Engineer (Freelance) , Scientific Software Consultancy & Training
First off you did not mention the language or platform the web-application is on. That is a very key aspect to providing you a proper answer that would suite your needs.
There is the Enterprise Security API (ESAPI) by the Open Web Application Security Project (OWASP) that provide an API in various languages that will allow you to validate, verify, authenticate and log operation revolving around security. With this you can create a layer that should prevent CSRF.
Though remember that web-app security is only as good as the programmer who implements it.
See this link for more info on ESAPI https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API