|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
@PublicApi public interface XsrfInvocationChecker
Checks that a web-request (either WebWork action or HttpServlet) has been invoked with the correct XSRF token.
| Field Summary | |
|---|---|
static String |
REQUIRE_SECURITY_TOKEN
This is the same name that Confluences uses in their webwork2 world so we are using the same name for synergy reasons |
static String |
X_ATLASSIAN_TOKEN
|
| Method Summary | |
|---|---|
XsrfCheckResult |
checkActionInvocation(webwork.action.Action action,
Map<String,?> parameters)
Checks that the action about to be executed has been invoked within the correct XSRF parameters. |
XsrfCheckResult |
checkWebRequestInvocation(javax.servlet.http.HttpServletRequest httpServletRequest)
Checks that the web request contains the correct XSRF parameters. |
| Field Detail |
|---|
static final String REQUIRE_SECURITY_TOKEN
static final String X_ATLASSIAN_TOKEN
| Method Detail |
|---|
XsrfCheckResult checkActionInvocation(webwork.action.Action action,
Map<String,?> parameters)
RequiresXsrfCheck.
action - the ActionSupport in play. Cannot be null.parameters - the parameters this has been called with. Cannot be null.
XsrfCheckResult checkWebRequestInvocation(javax.servlet.http.HttpServletRequest httpServletRequest)
httpServletRequest - the HttpServletRequest in play. Can't be null.
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||