java.lang.Object |
↳ |
com.atlassian.jira.security.xsrf.DefaultXsrfInvocationChecker |
Class Overview
This class will check that a web-request (either WebWork action or HttpServlet) has been invoked with the correct
XSRF token.
Public Constructors
Public Methods
Checks that the action about to be executed has been invoked within the correct XSRF parameters. This method will
only perform the check if the current "command" is annotated with RequiresXsrfCheck
.
Parameters
action
| the webwork.action.ActionSupport in play. Cannot be null. |
parameters
| the parameters this has been called with. Cannot be null. |
Returns
- false if the action failed the XSRF check.
public
XsrfCheckResult
checkWebRequestInvocation
(HttpServletRequest httpServletRequest)
Checks that the web request contains the correct XSRF parameters.
Parameters
httpServletRequest
| the javax.servlet.http.HttpServletRequest in play. Can't be null. |
Returns
- false if the request failed the XSRF check.