object CsrfDirectives extends CsrfDirectives

Linear Supertypes
CsrfDirectives, AnyRef, Any
Ordering
  1. Alphabetic
  2. By Inheritance
Inherited
  1. CsrfDirectives
  2. CsrfDirectives
  3. AnyRef
  4. Any
  1. Hide All
  2. Show All
Visibility
  1. Public
  2. All

Value Members

  1. final def !=(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  2. final def ##(): Int
    Definition Classes
    AnyRef → Any
  3. final def ==(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  4. final def asInstanceOf[T0]: T0
    Definition Classes
    Any
  5. def clone(): AnyRef
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( ... ) @native() @HotSpotIntrinsicCandidate()
  6. def csrfTokenFromCookie[T](checkMode: CsrfCheckMode[T]): Directive1[Option[String]]
    Definition Classes
    CsrfDirectives
  7. final def eq(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  8. def equals(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  9. final def getClass(): Class[_]
    Definition Classes
    AnyRef → Any
    Annotations
    @native() @HotSpotIntrinsicCandidate()
  10. def hashCode(): Int
    Definition Classes
    AnyRef → Any
    Annotations
    @native() @HotSpotIntrinsicCandidate()
  11. def hmacTokenCsrfProtection[T](checkMode: CsrfCheckMode[T]): Directive0

    Protects against CSRF attacks using a double-submit cookie.

    Protects against CSRF attacks using a double-submit cookie. The cookie will be set on any GET request which doesn't have the token set in the header. For all other requests, the value of the token from the CSRF cookie must match the value in the custom header (or request body, if checkFormBody is true).

    The cookie value is the concatenation of a timestamp and its HMAC hash following the OWASP recommendation for CSRF prevention:

    Definition Classes
    CsrfDirectives
    See also

    OWASP Note that this scheme can be broken when not all subdomains are protected or not using HTTPS and secure cookies, and the token is placed in the request body (not in the header). See the documentation for more details.

  12. final def isInstanceOf[T0]: Boolean
    Definition Classes
    Any
  13. final def ne(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  14. final def notify(): Unit
    Definition Classes
    AnyRef
    Annotations
    @native() @HotSpotIntrinsicCandidate()
  15. final def notifyAll(): Unit
    Definition Classes
    AnyRef
    Annotations
    @native() @HotSpotIntrinsicCandidate()
  16. def setNewCsrfToken[T](checkMode: CsrfCheckMode[T]): Directive0
    Definition Classes
    CsrfDirectives
  17. def submittedCsrfToken[T](checkMode: CsrfCheckMode[T]): Directive1[String]
    Definition Classes
    CsrfDirectives
  18. final def synchronized[T0](arg0: ⇒ T0): T0
    Definition Classes
    AnyRef
  19. def toString(): String
    Definition Classes
    AnyRef → Any
  20. final def wait(arg0: Long, arg1: Int): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  21. final def wait(arg0: Long): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... ) @native()
  22. final def wait(): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )

Deprecated Value Members

  1. def finalize(): Unit
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( classOf[java.lang.Throwable] ) @Deprecated
    Deprecated
  2. def randomTokenCsrfProtection[T](checkMode: CsrfCheckMode[T]): Directive0
    Definition Classes
    CsrfDirectives
    Annotations
    @deprecated
    Deprecated

    (Since version 0.6.1) use hmacTokenCsrfProtection

Inherited from CsrfDirectives

Inherited from AnyRef

Inherited from Any

Ungrouped