class CSRFHandler extends Handler[RoutingContext]

This handler adds a CSRF token to requests which mutate state. In order change the state a (XSRF-TOKEN) cookie is set with a unique token, that is expected to be sent back in a (X-XSRF-TOKEN) header.

The behavior is to check the request body header and cookie for validity.

This Handler requires session support, thus should be added somewhere below Session and Body handlers.

Linear Supertypes
Handler[RoutingContext], AnyRef, Any
Ordering
  1. Alphabetic
  2. By Inheritance
Inherited
  1. CSRFHandler
  2. Handler
  3. AnyRef
  4. Any
  1. Hide All
  2. Show All
Visibility
  1. Public
  2. All

Instance Constructors

  1. new CSRFHandler(_asJava: AnyRef)

Value Members

  1. final def !=(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  2. final def ##(): Int
    Definition Classes
    AnyRef → Any
  3. final def ==(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  4. final def asInstanceOf[T0]: T0
    Definition Classes
    Any
  5. def asJava: AnyRef
  6. def clone(): AnyRef
    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  7. final def eq(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  8. def equals(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  9. def finalize(): Unit
    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( classOf[java.lang.Throwable] )
  10. final def getClass(): Class[_]
    Definition Classes
    AnyRef → Any
  11. def handle(arg0: RoutingContext): Unit
    Definition Classes
    CSRFHandler → Handler
  12. def hashCode(): Int
    Definition Classes
    AnyRef → Any
  13. final def isInstanceOf[T0]: Boolean
    Definition Classes
    Any
  14. final def ne(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  15. final def notify(): Unit
    Definition Classes
    AnyRef
  16. final def notifyAll(): Unit
    Definition Classes
    AnyRef
  17. def setCookieName(name: String): CSRFHandler

    Set the cookie name.

    Set the cookie name. By default XSRF-TOKEN is used as it is the expected name by AngularJS however other frameworks might use other names.

    name

    a new name for the cookie.

    returns

    fluent

  18. def setHeaderName(name: String): CSRFHandler

    Set the header name.

    Set the header name. By default X-XSRF-TOKEN is used as it is the expected name by AngularJS however other frameworks might use other names.

    name

    a new name for the header.

    returns

    fluent

  19. def setNagHttps(nag: Boolean): CSRFHandler

    Should the handler give warning messages if this handler is used in other than https protocols?

    Should the handler give warning messages if this handler is used in other than https protocols?

    nag

    true to nag

    returns

    fluent

  20. def setTimeout(timeout: Long): CSRFHandler

    Set the timeout for tokens generated by the handler, by default it uses the default from the session handler.

    Set the timeout for tokens generated by the handler, by default it uses the default from the session handler.

    timeout

    token timeout

    returns

    fluent

  21. final def synchronized[T0](arg0: ⇒ T0): T0
    Definition Classes
    AnyRef
  22. def toString(): String
    Definition Classes
    AnyRef → Any
  23. final def wait(): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  24. final def wait(arg0: Long, arg1: Int): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  25. final def wait(arg0: Long): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )

Inherited from Handler[RoutingContext]

Inherited from AnyRef

Inherited from Any

Ungrouped