CsrfProtectionFilter (Jersey 3.1.5 API)

java.lang.Object
- org.glassfish.jersey.server.filter.CsrfProtectionFilter

All Implemented Interfaces:

ContainerRequestFilter
```
@Priority(1000)
public class CsrfProtectionFilter
extends Object
implements ContainerRequestFilter
```
Simple server-side request filter that implements CSRF protection as per the Guidelines for Implementation of REST by NSA (section IV.F) and section 4.3 of this paper. If you add it to the request filters of your application, it will check for X-Requested-By header in each request except for those that don't change state (GET, OPTIONS, HEAD). If the header is not found, it returns Response.Status.BAD_REQUEST response back to the client.

Author:

Martin Matula

See Also:

CsrfProtectionFilter

- Field Summary
  
  Fields
  Modifier and Type Field Description
  
  static String HEADER_NAME
  Name of the header this filter will attach to the request.
- Constructor Summary
  
  Constructors
  Constructor Description
  
  CsrfProtectionFilter()
- Method Summary
  
  All Methods Instance Methods Concrete Methods
  Modifier and Type Method Description
  
  void filter(ContainerRequestContext rc)
  - Methods inherited from class java.lang.Object
    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - HEADER_NAME
```
public static final String HEADER_NAME
```
    Name of the header this filter will attach to the request.
    
    See Also:
    
    Constant Field Values
- Constructor Detail
  - CsrfProtectionFilter
```
public CsrfProtectionFilter()
```
- Method Detail
  - filter
```
public void filter(ContainerRequestContext rc)
            throws IOException
```
    Specified by:
    
    filter in interface ContainerRequestFilter
    
    Throws:
    
    IOException