skinny.micro.contrib

XSRFTokenSupport

trait XSRFTokenSupport extends AnyRef

Provides cross-site request forgery protection.

If a request is determined to be forged, the handleForgery() hook is invoked. Otherwise, a token for the next request is prepared with prepareCsrfToken.

Self Type
XSRFTokenSupport with SkinnyMicroBase with BeforeAfterDsl
Linear Supertypes
AnyRef, Any
Ordering
  1. Alphabetic
  2. By inheritance
Inherited
  1. XSRFTokenSupport
  2. AnyRef
  3. Any
  1. Hide All
  2. Show all
Learn more about member selection
Visibility
  1. Public
  2. All

Value Members

  1. final def !=(arg0: AnyRef): Boolean

    Definition Classes
    AnyRef
  2. final def !=(arg0: Any): Boolean

    Definition Classes
    Any
  3. final def ##(): Int

    Definition Classes
    AnyRef → Any
  4. final def ==(arg0: AnyRef): Boolean

    Definition Classes
    AnyRef
  5. final def ==(arg0: Any): Boolean

    Definition Classes
    Any
  6. final def asInstanceOf[T0]: T0

    Definition Classes
    Any
  7. def clone(): AnyRef

    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  8. final def eq(arg0: AnyRef): Boolean

    Definition Classes
    AnyRef
  9. def equals(arg0: Any): Boolean

    Definition Classes
    AnyRef → Any
  10. def finalize(): Unit

    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( classOf[java.lang.Throwable] )
  11. final def getClass(): Class[_]

    Definition Classes
    AnyRef → Any
  12. def handleForgery(): Unit

    Take an action when a forgery is detected.

    Take an action when a forgery is detected. The default action halts further request processing and returns a 403 HTTP status code.

    Attributes
    protected
  13. def hashCode(): Int

    Definition Classes
    AnyRef → Any
  14. def isForged: Boolean

    Tests whether a request with a unsafe method is a potential cross-site forgery.

    Tests whether a request with a unsafe method is a potential cross-site forgery.

    returns

    true if the request is an unsafe method (POST, PUT, DELETE, TRACE, CONNECT, PATCH) and the request parameter at xsrfKey does not match the session key of the same name.

    Attributes
    protected
  15. final def isInstanceOf[T0]: Boolean

    Definition Classes
    Any
  16. final def ne(arg0: AnyRef): Boolean

    Definition Classes
    AnyRef
  17. final def notify(): Unit

    Definition Classes
    AnyRef
  18. final def notifyAll(): Unit

    Definition Classes
    AnyRef
  19. def prepareXsrfToken(): Unit

    Prepares a XSRF token.

    Prepares a XSRF token. The default implementation uses GenerateId and stores it on the session.

    Attributes
    protected
  20. final def synchronized[T0](arg0: ⇒ T0): T0

    Definition Classes
    AnyRef
  21. def toString(): String

    Definition Classes
    AnyRef → Any
  22. final def wait(): Unit

    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  23. final def wait(arg0: Long, arg1: Int): Unit

    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  24. final def wait(arg0: Long): Unit

    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  25. def xsrfGuard(only: RouteTransformer*): Unit

  26. def xsrfKey: String

    The key used to store the token on the session, as well as the parameter of the request.

  27. def xsrfToken(implicit ctx: SkinnyContext): String

    Returns the token from the session.

Inherited from AnyRef

Inherited from Any

Ungrouped