Code based CSRF solutions

ViewState User Keys (.net) Synchronizer token pattern
Only does postbacks
AntiForgeryToken (.net MVC) Synchronizer Token Pattern
Requires a lot of code changes
AntiCSRF (.net) Double submit cookies
Only protects POST
CSRFGuard (Java, PHP port) Synchronizer Token Pattern
Can be done per session or per page
HDIV (Java) Synchronizer Token Pattern
Per link or action, queue based expiry


Server based CSRF solutions

Tomcat Synchronizer token pattern
Queue based Expiry
F5 ASM Synchronizer token pattern
Time based expiry
Imperva SecureSphere Checks Referer Header
Is largely intended for detection, not prevention.