Interface | Description |
---|---|
XsrfCheckResult |
The result of the XSRF checks
|
XsrfDefaults |
This represents the default values from jira-application properties for controlling XSRF
|
XsrfInvocationChecker |
Checks that a web-request (either WebWork action or HttpServlet) has been invoked with the correct
XSRF token.
|
XsrfTokenGenerator |
Interface for generating anti-XSRF tokens for web forms.
|
Class | Description |
---|---|
BootstrapXsrfTokenGenerator |
A no-op XsrfTokenGenerator that is added to the Bootstrap container because it is required in Servlet Filters.
|
DefaultXsrfInvocationChecker |
This class will check that a web-request (either WebWork action or HttpServlet) has been invoked with the correct
XSRF token.
|
SimpleXsrfTokenGenerator |
Implementation of XsrfTokenGenerator that stores a unique token depending
on strategy resolved
- requests originated by jira (webwork) run with
XsrfTokenStrategy.Type.SESSION strategy
- external requests (like REST calls) run with XsrfTokenStrategy.Type.COOKIE strategy |
XsrfDefaultsImpl |
An implementation of
XsrfDefaults |
XsrfTokenAdditionRequestFilter |
This request
Filter will set a XSRF token into the session IF there is a user AND they dont
already have a token. |
XsrfVulnerabilityDetectionSQLInterceptor |
SQL Interceptor that detects changes to the database that aren't xsrf protected
|
Exception | Description |
---|---|
XsrfFailureException |
This is thrown when a request fails an XSRF check.
|
Annotation Type | Description |
---|---|
RequiresXsrfCheck |
The annotation used to indicate that a method needs XSRF protection checking
|
Copyright © 2002-2021 Atlassian. All Rights Reserved.