vertx / io.vertx.reactivex.ext.web.handler / CSRFHandler

CSRFHandler

open class CSRFHandler : Handler<RoutingContext>

This handler adds a CSRF token to requests which mutate state. In order change the state a (XSRF-TOKEN) cookie is set with a unique token, that is expected to be sent back in a (X-XSRF-TOKEN) header. The behavior is to check the request body header and cookie for validity. This Handler requires session support, thus should be added somewhere below Session and Body handlers. NOTE: This class has been automatically generated from the io.vertx.ext.web.handler.CSRFHandler non RX-ified interface using Vert.x codegen.

Constructors

<init>

CSRFHandler(delegate: CSRFHandler)

Properties

__TYPE_ARG

static val __TYPE_ARG: TypeArg<CSRFHandler>

Functions

create

open static fun create(secret: String): CSRFHandler

Instantiate a new CSRFHandlerImpl with a secret

 CSRFHandler.create("s3cr37") 

equals

open fun equals(other: Any?): Boolean

getDelegate

open fun getDelegate(): CSRFHandler

handle

open fun handle(arg0: RoutingContext): Unit

hashCode

open fun hashCode(): Int

newInstance

open static fun newInstance(arg: CSRFHandler): CSRFHandler

setCookieName

open fun setCookieName(name: String): CSRFHandler

Set the cookie name. By default XSRF-TOKEN is used as it is the expected name by AngularJS however other frameworks might use other names.

setCookiePath

open fun setCookiePath(path: String): CSRFHandler

Set the cookie path. By default / is used.

setHeaderName

open fun setHeaderName(name: String): CSRFHandler

Set the header name. By default X-XSRF-TOKEN is used as it is the expected name by AngularJS however other frameworks might use other names.

setNagHttps

open fun setNagHttps(nag: Boolean): CSRFHandler

Should the handler give warning messages if this handler is used in other than https protocols?

setResponseBody

open fun setResponseBody(responseBody: String): CSRFHandler

Set the body returned by the handler when the XSRF token is missing or invalid.

setTimeout

open fun setTimeout(timeout: Long): CSRFHandler

Set the timeout for tokens generated by the handler, by default it uses the default from the session handler.

toString

open fun toString(): String