Package io.vertx.mutiny.ext.web.handler

Class CSRFHandler

java.lang.Object
io.vertx.mutiny.ext.web.handler.CSRFHandler
All Implemented Interfaces:
MutinyDelegate, io.vertx.core.Handler<RoutingContext>, InputTrustHandler, Consumer<RoutingContext>
public class CSRFHandler extends Object implements MutinyDelegate, InputTrustHandler, io.vertx.core.Handler<RoutingContext>, Consumer<RoutingContext>
This handler adds a CSRF token to requests which mutate state. In order change the state a (XSRF-TOKEN) cookie is set with a unique token, that is expected to be sent back in a (X-XSRF-TOKEN) header. The behavior is to check the request body header and cookie for validity. This Handler requires session support, thus should be added somewhere below Session and Body handlers.

NOTE: This class has been automatically generated from the original non Mutiny-ified interface using Vert.x codegen.

  • Field Details

  • Constructor Details

    • CSRFHandler

      public CSRFHandler(io.vertx.ext.web.handler.CSRFHandler delegate)

    • CSRFHandler

      public CSRFHandler(Object delegate)

  • Method Details

    • getDelegate

      public io.vertx.ext.web.handler.CSRFHandler getDelegate()
      Specified by:
      getDelegate in interface InputTrustHandler
      Specified by:
      getDelegate in interface MutinyDelegate
      Returns:
      the delegate used by this Mutiny object of generated type

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • handle

      public void handle(RoutingContext arg0)
      Specified by:
      handle in interface io.vertx.core.Handler<RoutingContext>
      Specified by:
      handle in interface InputTrustHandler

    • create

      public static CSRFHandler create(Vertx vertx, String secret)
      Parameters:
      vertx -
      secret - server secret to sign the token.
      Returns:

    • setOrigin

      public CSRFHandler setOrigin(String origin)
      Parameters:
      origin - the origin for this server e.g.: https://www.foo.com.
      Returns:
      fluent

    • setCookieName

      public CSRFHandler setCookieName(String name)
      Parameters:
      name - a new name for the cookie.
      Returns:
      fluent

    • setCookiePath

      public CSRFHandler setCookiePath(String path)
      Parameters:
      path - a new path for the cookie.
      Returns:
      fluent

    • setCookieHttpOnly

      public CSRFHandler setCookieHttpOnly(boolean httpOnly)
      Parameters:
      httpOnly - a new name for the header.
      Returns:
      fluent

    • setCookieSecure

      public CSRFHandler setCookieSecure(boolean secure)
      Parameters:
      secure - true to set the secure flag on the cookie
      Returns:
      a reference to this, so the API can be used fluently

    • setHeaderName

      public CSRFHandler setHeaderName(String name)
      Parameters:
      name - a new name for the header.
      Returns:
      fluent

    • setNagHttps

      public CSRFHandler setNagHttps(boolean nag)
      Parameters:
      nag - true to nag
      Returns:
      fluent

    • setTimeout

      public CSRFHandler setTimeout(long timeout)
      Parameters:
      timeout - token timeout
      Returns:
      fluent

    • accept

      public void accept(RoutingContext item)
      Specified by:
      accept in interface Consumer<RoutingContext>
      Specified by:
      accept in interface InputTrustHandler

    • newInstance

      public static CSRFHandler newInstance(io.vertx.ext.web.handler.CSRFHandler arg)