open class CSRFHandler : Handler<RoutingContext>
This handler adds a CSRF token to requests which mutate state. In order change the state a (XSRF-TOKEN) cookie is set with a unique token, that is expected to be sent back in a (X-XSRF-TOKEN) header. The behavior is to check the request body header and cookie for validity. This Handler requires session support, thus should be added somewhere below Session and Body handlers. NOTE: This class has been automatically generated from the io.vertx.ext.web.handler.CSRFHandler non RX-ified interface using Vert.x codegen.
CSRFHandler(delegate: CSRFHandler) |
static val __TYPE_ARG: TypeArg<CSRFHandler> |
open static fun create(secret: String): CSRFHandler
Instantiate a new CSRFHandlerImpl with a secret
|
|
open fun equals(other: Any?): Boolean |
|
open fun getDelegate(): CSRFHandler |
|
open fun handle(arg0: RoutingContext): Unit |
|
open fun hashCode(): Int |
|
open static fun newInstance(arg: CSRFHandler): CSRFHandler |
|
open fun setCookieName(name: String): CSRFHandler
Set the cookie name. By default XSRF-TOKEN is used as it is the expected name by AngularJS however other frameworks might use other names. |
|
open fun setCookiePath(path: String): CSRFHandler
Set the cookie path. By default / is used. |
|
open fun setHeaderName(name: String): CSRFHandler
Set the header name. By default X-XSRF-TOKEN is used as it is the expected name by AngularJS however other frameworks might use other names. |
|
open fun setNagHttps(nag: Boolean): CSRFHandler
Should the handler give warning messages if this handler is used in other than https protocols? |
|
open fun setResponseBody(responseBody: String): CSRFHandler
Set the body returned by the handler when the XSRF token is missing or invalid. |
|
open fun setTimeout(timeout: Long): CSRFHandler
Set the timeout for tokens generated by the handler, by default it uses the default from the session handler. |
|
open fun toString(): String |