Class CSRFHandler

  • All Implemented Interfaces:
    io.vertx.core.Handler<RoutingContext>, InputTrustHandler, Consumer<RoutingContext>

    public class CSRFHandler
    extends Object
    implements InputTrustHandler, io.vertx.core.Handler<RoutingContext>, Consumer<RoutingContext>
    This handler adds a CSRF token to requests which mutate state. In order change the state a (XSRF-TOKEN) cookie is set with a unique token, that is expected to be sent back in a (X-XSRF-TOKEN) header. The behavior is to check the request body header and cookie for validity. This Handler requires session support, thus should be added somewhere below Session and Body handlers.

    NOTE: This class has been automatically generated from the original non Mutiny-ified interface using Vert.x codegen.

    • Constructor Detail

      • CSRFHandler

        public CSRFHandler​(io.vertx.ext.web.handler.CSRFHandler delegate)
      • CSRFHandler

        public CSRFHandler​(Object delegate)
    • Method Detail

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class Object
      • create

        public static CSRFHandler create​(Vertx vertx,
                                         String secret)
        Parameters:
        vertx -
        secret - server secret to sign the token.
        Returns:
      • setOrigin

        public CSRFHandler setOrigin​(String origin)
        Parameters:
        origin - the origin for this server e.g.: https://www.foo.com.
        Returns:
        fluent
      • setCookieName

        public CSRFHandler setCookieName​(String name)
        Parameters:
        name - a new name for the cookie.
        Returns:
        fluent
      • setCookiePath

        public CSRFHandler setCookiePath​(String path)
        Parameters:
        path - a new path for the cookie.
        Returns:
        fluent
      • setCookieHttpOnly

        public CSRFHandler setCookieHttpOnly​(boolean httpOnly)
        Parameters:
        httpOnly - a new name for the header.
        Returns:
        fluent
      • setCookieSecure

        public CSRFHandler setCookieSecure​(boolean secure)
        Parameters:
        secure - true to set the secure flag on the cookie
        Returns:
        a reference to this, so the API can be used fluently
      • setHeaderName

        public CSRFHandler setHeaderName​(String name)
        Parameters:
        name - a new name for the header.
        Returns:
        fluent
      • setNagHttps

        public CSRFHandler setNagHttps​(boolean nag)
        Parameters:
        nag - true to nag
        Returns:
        fluent
      • setTimeout

        public CSRFHandler setTimeout​(long timeout)
        Parameters:
        timeout - token timeout
        Returns:
        fluent
      • newInstance

        public static CSRFHandler newInstance​(io.vertx.ext.web.handler.CSRFHandler arg)