|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object com.sun.jersey.api.container.filter.CsrfProtectionFilter
public class CsrfProtectionFilter
Simple server-side request filter that implements CSRF protection as per the
Guidelines for Implementation of REST
by NSA (section IV.F) and
section 4.3 of this paper.
If you add it to the request filters of your application, it will check for X-Requested-By header in each
request except for those that don't change state (GET, OPTIONS, HEAD). If the header is not found,
it returns Response.Status.BAD_REQUEST
response back to the client.
Constructor Summary | |
---|---|
CsrfProtectionFilter()
|
Method Summary | |
---|---|
ContainerRequest |
filter(ContainerRequest request)
Filter the request. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public CsrfProtectionFilter()
Method Detail |
---|
public ContainerRequest filter(ContainerRequest request)
ContainerRequestFilter
An implementation may modify the state of the request or create a new instance.
filter
in interface ContainerRequestFilter
request
- the request.
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |