Interface SpincastFormsCsrfProtectionFilter
- All Known Implementing Classes:
SpincastFormsCsrfProtectionFilterDefault
public interface SpincastFormsCsrfProtectionFilter
The Forms CSRF Protection Filter.
You should add this filter with the "skipResourcesRequests()" options so it is ignored except for main routes.
-
Method Summary
Modifier and TypeMethodDescriptionReturns the current CSRF token to use Will be taken from the user session by default.void
handle
(RequestContext<?> context) Filter's handle main method.
-
Method Details
-
handle
void handle(RequestContext<?> context) throws FormInvalidOriginException, FormInvalidCsrfTokenException Filter's handle main method.- Throws:
FormInvalidOriginException
- if the form was submitted from an invalid orgine.FormInvalidCsrfTokenException
- if the form was submitted with an invalid CRSF token.
-
getCurrentCsrfToken
SpincastCsrfToken getCurrentCsrfToken()Returns the current CSRF token to use Will be taken from the user session by default.If there is none, a new one is created and save in the user's session! This will make the session being dirty and saved to the database.
-