object CSRF
- Companion:
- class
Type members
Classlikes
Value members
Concrete methods
:Nothing<:Any]=>SyncIO[A]](forApplicativeThrow[[A>:Nothing<:Any]=>SyncIO[A]](syncForSyncIO)).importJavaKey(key).unsafeRunSync(),headerCheck=headerCheck,csrfCheck=checkCSRFDefault[F,G](evidence$2))(evidence$2,evidence$3)" class="documentableAnchor">
def :Nothing<:Any]=>SyncIO[A]](forApplicativeThrow[[A>:Nothing<:Any]=>SyncIO[A]](syncForSyncIO)).importJavaKey(key).unsafeRunSync(),headerCheck=headerCheck,csrfCheck=checkCSRFDefault[F,G](evidence$2))(evidence$2,evidence$3)" class="documentableName ">apply[F[_] : Sync, G[_] : Applicative](key: SecretKey, headerCheck: Request[G] => Boolean): CSRFBuilder[F, G]
Build a new HMACSHA1 Key for our CSRF Middleware
from key bytes. This operation is unsafe, in that
any amount less than 20 bytes will throw an exception when loaded
into Mac. Any keys larger than 64 bytes are just hashed.
Build a new HMACSHA1 Key for our CSRF Middleware
from key bytes. This operation is unsafe, in that
any amount less than 20 bytes will throw an exception when loaded
into Mac. Any keys larger than 64 bytes are just hashed.
For more information, refer to: https://datatracker.ietf.org/doc/html/rfc2104#section-3
Use for loading a key from a config file, after having generated one safely
def checkCSRFinHeaderAndForm[F[_], G[_] : Concurrent](fieldName: String, nt: FunctionK[G, F])(implicit evidence$12: Concurrent[G], F: Sync[F]): CSRF[F, G] => F => G
Uri.fromString(o.head.value)match{
caseRight(uri)=>
Some.apply[Uri](uri)
caseLeft(_)=>
None
})).exists(((u:Uri)=>u.host.exists(((_$44:Host)=>_$44.value.==(host))).&&(u.scheme.contains[Scheme](sc)).&&(u.port.==(port)))).||(r.headers.get[Referer](singleHeaders[Referer](headerInstance)).exists(((`u₂`:Referer)=>`u₂`.uri.host.exists(((_$45:Host)=>_$45.value.==(host))).&&(`u₂`.uri.scheme.contains[Scheme](sc)).&&(`u₂`.uri.port.==(port)))))" class="documentableAnchor">
def Uri.fromString(o.head.value)match{
caseRight(uri)=>
Some.apply[Uri](uri)
caseLeft(_)=>
None
})).exists(((u:Uri)=>u.host.exists(((_$44:Host)=>_$44.value.==(host))).&&(u.scheme.contains[Scheme](sc)).&&(u.port.==(port)))).||(r.headers.get[Referer](singleHeaders[Referer](headerInstance)).exists(((`u₂`:Referer)=>`u₂`.uri.host.exists(((_$45:Host)=>_$45.value.==(host))).&&(`u₂`.uri.scheme.contains[Scheme](sc)).&&(`u₂`.uri.port.==(port)))))" class="documentableName ">defaultOriginCheck[F[_]](r: Request[F], host: String, sc: Scheme, port: Option[Int]): Boolean
Check origin matches our proposed origin.
Check origin matches our proposed origin.
def withDefaultOriginCheck[F[_] : Sync, G[_] : Applicative](key: SecretKey, host: String, scheme: Scheme, port: Option[Int]): CSRFBuilder[F, G]
def withDefaultOriginCheckFormAware[F[_] : Sync, G[_] : Concurrent](fieldName: String, nt: FunctionK[G, F])(key: SecretKey, host: String, scheme: Scheme, port: Option[Int]): CSRFBuilder[F, G]
def withGeneratedKey[F[_] : Sync, G[_] : Applicative](headerCheck: Request[G] => Boolean): F[CSRFBuilder[F, G]]
def withKeyBytes[F[_] : Sync, G[_] : Applicative](keyBytes: Array[Byte], headerCheck: Request[G] => Boolean): F[CSRFBuilder[F, G]]