Class: VertxWeb::CSRFHandler
- Inherits:
-
Object
- Object
- VertxWeb::CSRFHandler
show all
- Defined in:
- /Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb
Overview
This handler adds a CSRF token to requests which mutate state. In order change the state a (XSRF-TOKEN) cookie is set
with a unique token, that is expected to be sent back in a (X-XSRF-TOKEN) header.
The behavior is to check the request body header and cookie for validity.
This Handler requires session support, thus should be added somewhere below Session and Body handlers.
Constant Summary
- @@j_api_type =
Object.new
Class Method Summary
(collapse)
Instance Method Summary
(collapse)
Class Method Details
+ (Boolean) accept?(obj)
24
25
26
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 24
def @@j_api_type.accept?(obj)
obj.class == CSRFHandler
end
|
Instantiate a new CSRFHandlerImpl with a secret
CSRFHandler.create("s3cr37")
56
57
58
59
60
61
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 56
def self.create(vertx=nil,secret=nil)
if vertx.class.method_defined?(:j_del) && secret.class == String && !block_given?
return ::Vertx::Util::Utils.safe_create(Java::IoVertxExtWebHandler::CSRFHandler.java_method(:create, [Java::IoVertxCore::Vertx.java_class,Java::java.lang.String.java_class]).call(vertx.j_del,secret),::VertxWeb::CSRFHandler)
end
raise ArgumentError, "Invalid arguments when calling create(#{vertx},#{secret})"
end
|
+ (Object) DEFAULT_COOKIE_NAME
127
128
129
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 127
def self.DEFAULT_COOKIE_NAME
Java::IoVertxExtWebHandler::CSRFHandler.DEFAULT_COOKIE_NAME
end
|
+ (Object) DEFAULT_COOKIE_PATH
130
131
132
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 130
def self.DEFAULT_COOKIE_PATH
Java::IoVertxExtWebHandler::CSRFHandler.DEFAULT_COOKIE_PATH
end
|
133
134
135
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 133
def self.DEFAULT_HEADER_NAME
Java::IoVertxExtWebHandler::CSRFHandler.DEFAULT_HEADER_NAME
end
|
+ (Object) DEFAULT_RESPONSE_BODY
136
137
138
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 136
def self.DEFAULT_RESPONSE_BODY
Java::IoVertxExtWebHandler::CSRFHandler.DEFAULT_RESPONSE_BODY
end
|
+ (Object) ERROR_MESSAGE
124
125
126
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 124
def self.ERROR_MESSAGE
Java::IoVertxExtWebHandler::CSRFHandler.ERROR_MESSAGE
end
|
+ (Object) j_api_type
33
34
35
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 33
def self.j_api_type
@@j_api_type
end
|
+ (Object) j_class
36
37
38
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 36
def self.j_class
Java::IoVertxExtWebHandler::CSRFHandler.java_class
end
|
+ (Object) unwrap(obj)
30
31
32
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 30
def @@j_api_type.unwrap(obj)
obj.j_del
end
|
+ (Object) wrap(obj)
27
28
29
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 27
def @@j_api_type.wrap(obj)
CSRFHandler.new(obj)
end
|
Instance Method Details
- (void) handle(event = nil)
This method returns an undefined value.
Something has happened, so handle it.
42
43
44
45
46
47
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 42
def handle(event=nil)
if event.class.method_defined?(:j_del) && !block_given?
return @j_del.java_method(:handle, [Java::IoVertxExtWeb::RoutingContext.java_class]).call(event.j_del)
end
raise ArgumentError, "Invalid arguments when calling handle(#{event})"
end
|
- (self) set_cookie_name(name = nil)
Set the cookie name. By default XSRF-TOKEN is used as it is the expected name by AngularJS however other frameworks
might use other names.
66
67
68
69
70
71
72
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 66
def set_cookie_name(name=nil)
if name.class == String && !block_given?
@j_del.java_method(:setCookieName, [Java::java.lang.String.java_class]).call(name)
return self
end
raise ArgumentError, "Invalid arguments when calling set_cookie_name(#{name})"
end
|
- (self) set_cookie_path(path = nil)
Set the cookie path. By default / is used.
76
77
78
79
80
81
82
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 76
def set_cookie_path(path=nil)
if path.class == String && !block_given?
@j_del.java_method(:setCookiePath, [Java::java.lang.String.java_class]).call(path)
return self
end
raise ArgumentError, "Invalid arguments when calling set_cookie_path(#{path})"
end
|
Set the header name. By default X-XSRF-TOKEN is used as it is the expected name by AngularJS however other
frameworks might use other names.
87
88
89
90
91
92
93
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 87
def (name=nil)
if name.class == String && !block_given?
@j_del.java_method(:setHeaderName, [Java::java.lang.String.java_class]).call(name)
return self
end
raise ArgumentError, "Invalid arguments when calling set_header_name(#{name})"
end
|
- (self) set_nag_https(nag = nil)
Should the handler give warning messages if this handler is used in other than https protocols?
97
98
99
100
101
102
103
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 97
def set_nag_https(nag=nil)
if (nag.class == TrueClass || nag.class == FalseClass) && !block_given?
@j_del.java_method(:setNagHttps, [Java::boolean.java_class]).call(nag)
return self
end
raise ArgumentError, "Invalid arguments when calling set_nag_https(#{nag})"
end
|
- (self) set_response_body(responseBody = nil)
Set the body returned by the handler when the XSRF token is missing or invalid.
107
108
109
110
111
112
113
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 107
def set_response_body(responseBody=nil)
if responseBody.class == String && !block_given?
@j_del.java_method(:setResponseBody, [Java::java.lang.String.java_class]).call(responseBody)
return self
end
raise ArgumentError, "Invalid arguments when calling set_response_body(#{responseBody})"
end
|
- (self) set_timeout(timeout = nil)
Set the timeout for tokens generated by the handler, by default it uses the default from the session handler.
117
118
119
120
121
122
123
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 117
def set_timeout(timeout=nil)
if timeout.class == Fixnum && !block_given?
@j_del.java_method(:setTimeout, [Java::long.java_class]).call(timeout)
return self
end
raise ArgumentError, "Invalid arguments when calling set_timeout(#{timeout})"
end
|