Package | Description |
---|---|
org.forgerock.http.filter |
Core
Filter implementations. |
Modifier and Type | Method and Description |
---|---|
CsrfFilter.Builder |
CsrfFilter.Builder.excludeMethods(String... httpMethods)
Excludes a HTTP method from the CSRF filter.
|
CsrfFilter.Builder |
CsrfFilter.Builder.excludePaths(Collection<String> paths)
Excludes the paths from the CSRF filter.
|
CsrfFilter.Builder |
CsrfFilter.Builder.excludePaths(String... paths)
Excludes a path from the CSRF filter.
|
CsrfFilter.Builder |
CsrfFilter.Builder.excludePathsStarting(Collection<String> pathPrefixes)
Excludes paths starting with the given prefixes from the CSRF filter.
|
CsrfFilter.Builder |
CsrfFilter.Builder.excludePathsStarting(String... pathPrefixes)
Excludes paths starting with the given prefixes from the CSRF filter.
|
CsrfFilter.Builder |
CsrfFilter.Builder.excludeRequests(Predicate<Request> predicate)
Excludes requests that match the given predicate from the CSRF filter.
|
CsrfFilter.Builder |
CsrfFilter.Builder.excludeRequests(Predicate<Request> predicate,
String description)
Excludes requests that match the given predicate from the CSRF filter.
|
CsrfFilter.Builder |
CsrfFilter.Builder.excludeSafeMethods()
Excludes HTTP safe methods
that are usually not susceptible to CSRF attacks:
GET , HEAD , and OPTIONS . |
CsrfFilter.Builder |
CsrfFilter.Builder.failureHandler(Handler failureHandler)
Add a handler which will be responsible of creating a response in case of missing/wrong CSRF token.
|
static CsrfFilter.Builder |
Filters.newCsrfFilter(String cookieName)
Creates a filter that protects against cross-site request forgery (CSRF) attacks when using cookies for
authentication.
|
CsrfFilter.Builder |
CsrfFilter.Builder.tokenHeader(String csrfTokenHeader)
Sets the header to use to receive the anti-CSRF token.
|
Copyright © 2010-2018, ForgeRock All Rights Reserved.