Trait/Object

org.scalatra

CsrfTokenSupport

Related Docs: object CsrfTokenSupport | package scalatra

Permalink

trait CsrfTokenSupport extends AnyRef

Provides cross-site request forgery protection.

Adds a before filter. If a request is determined to be forged, the handleForgery() hook is invoked. Otherwise, a token for the next request is prepared with prepareCsrfToken.

Self Type
CsrfTokenSupport with ScalatraBase
Linear Supertypes
AnyRef, Any
Ordering
  1. Alphabetic
  2. By Inheritance
Inherited
  1. CsrfTokenSupport
  2. AnyRef
  3. Any
  1. Hide All
  2. Show All
Visibility
  1. Public
  2. All

Value Members

  1. final def !=(arg0: Any): Boolean

    Permalink
    Definition Classes
    AnyRef → Any

  2. final def ##(): Int

    Permalink
    Definition Classes
    AnyRef → Any

  3. final def ==(arg0: Any): Boolean

    Permalink
    Definition Classes
    AnyRef → Any

  4. final def asInstanceOf[T0]: T0

    Permalink
    Definition Classes
    Any

  5. def clone(): AnyRef

    Permalink
    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )

  6. def csrfKey: String

    Permalink

    The key used to store the token on the session, as well as the parameter of the request.

  7. def csrfToken(implicit request: HttpServletRequest): String

    Permalink

    Returns the token from the session.

    Returns the token from the session.

    Attributes
    protected[org.scalatra]

  8. final def eq(arg0: AnyRef): Boolean

    Permalink
    Definition Classes
    AnyRef

  9. def equals(arg0: Any): Boolean

    Permalink
    Definition Classes
    AnyRef → Any

  10. def finalize(): Unit

    Permalink
    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( classOf[java.lang.Throwable] )

  11. final def getClass(): Class[_]

    Permalink
    Definition Classes
    AnyRef → Any

  12. def handleForgery(): Unit

    Permalink

    Take an action when a forgery is detected.

    Take an action when a forgery is detected. The default action halts further request processing and returns a 403 HTTP status code.

    Attributes
    protected

  13. def hashCode(): Int

    Permalink
    Definition Classes
    AnyRef → Any

  14. def isForged: Boolean

    Permalink

    Tests whether a request with a unsafe method is a potential cross-site forgery.

    Tests whether a request with a unsafe method is a potential cross-site forgery.

    returns

    true if the request is an unsafe method (POST, PUT, DELETE, TRACE, CONNECT, PATCH) and the request parameter at csrfKey does not match the session key of the same name.

    Attributes
    protected

  15. final def isInstanceOf[T0]: Boolean

    Permalink
    Definition Classes
    Any

  16. final def ne(arg0: AnyRef): Boolean

    Permalink
    Definition Classes
    AnyRef

  17. final def notify(): Unit

    Permalink
    Definition Classes
    AnyRef

  18. final def notifyAll(): Unit

    Permalink
    Definition Classes
    AnyRef

  19. def prepareCsrfToken(): String

    Permalink

    Prepares a CSRF token.

    Prepares a CSRF token. The default implementation uses GenerateId and stores it on the session.

    Attributes
    protected

  20. final def synchronized[T0](arg0: ⇒ T0): T0

    Permalink
    Definition Classes
    AnyRef

  21. def toString(): String

    Permalink
    Definition Classes
    AnyRef → Any

  22. final def wait(): Unit

    Permalink
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )

  23. final def wait(arg0: Long, arg1: Int): Unit

    Permalink
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )

  24. final def wait(arg0: Long): Unit

    Permalink
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )

Inherited from AnyRef

Inherited from Any

Ungrouped