org.http4s.server.middleware.CSRF$
See theCSRF companion class
object CSRF
Attributes
- Companion:
- class
- Source:
- CSRF.scala
- Graph
- Supertypes
- Self type
- CSRF.type
Members list
Concise view
Type members
Classlikes
Attributes
- Source:
- CSRF.scala
- Graph
- Supertypes
Attributes
- Source:
- CSRF.scala
- Graph
- Supertypes
- trait Singletontrait Producttrait Mirrortrait Producttrait Equalstrait NoStackTraceclass Exceptionclass Throwabletrait Serializableclass Objecttrait Matchableclass Any
- Self type
- CSRFCheckFailed.type
Types
Attributes
- Source:
- CSRF.scala
Attributes
- Source:
- CSRF.scala
type CSRFToken
Attributes
- Source:
- CSRF.scala
Value members
Concrete methods
def :Nothing<:Any]=>SyncIO[A]](forApplicativeThrow[[A>:Nothing<:Any]=>SyncIO[A]](syncForSyncIO)).importJavaKey(key).unsafeRunSync(),headerCheck=headerCheck,csrfCheck=checkCSRFDefault[F,G](evidence$2))(evidence$2,evidence$3)" t="n"class="documentableName ">apply[F[_] : Sync, G[_] : Applicative](key: SecretKey, headerCheck: Request[G] => Boolean): CSRFBuilder[F, G]
Attributes
- Source:
- CSRF.scala
Build a new HMACSHA1 Key for our CSRF Middleware
from key bytes. This operation is unsafe, in that
any amount less than 20 bytes will throw an exception when loaded
into Mac
. Any keys larger than 64 bytes are just hashed.
Build a new HMACSHA1 Key for our CSRF Middleware
from key bytes. This operation is unsafe, in that
any amount less than 20 bytes will throw an exception when loaded
into Mac
. Any keys larger than 64 bytes are just hashed.
For more information, refer to: https://datatracker.ietf.org/doc/html/rfc2104#section-3
Use for loading a key from a config file, after having generated one safely
Attributes
- Source:
- CSRF.scala
Attributes
- Source:
- CSRF.scala
def checkCSRFinHeaderAndForm[F[_], G[_] : Concurrent](fieldName: String, nt: FunctionK[G, F])(implicit evidence$12: Concurrent[G], F: Sync[F]): CSRF[F, G] => F => G
Attributes
- Source:
- CSRF.scala
def Uri.fromString(o.head.value)match{
caseRight(uri)=>
Some.apply[Uri](uri)
caseLeft(_)=>
None
})).exists(((u:Uri)=>u.host.exists(((_$44:Host)=>_$44.value.==(host))).&&(u.scheme.contains[Scheme](sc)).&&(u.port.==(port)))).||(r.headers.get[Referer](singleHeaders[Referer](headerInstance)).exists(((`u₂`:Referer)=>`u₂`.uri.host.exists(((_$45:Host)=>_$45.value.==(host))).&&(`u₂`.uri.scheme.contains[Scheme](sc)).&&(`u₂`.uri.port.==(port)))))" t="n"class="documentableName ">defaultOriginCheck[F[_]](r: Request[F], host: String, sc: Scheme, port: Option[Int]): Boolean
Check origin matches our proposed origin.
Generate a signing Key for the CSRF token
A Constant-time string equality
Attributes
- Source:
- CSRF.scala
A Constant-time string equality
Attributes
- Source:
- CSRF.scala
Attributes
- Source:
- CSRF.scala
Attributes
- Source:
- CSRF.scala
def withGeneratedKey[F[_] : Sync, G[_] : Applicative](headerCheck: Request[G] => Boolean): F[CSRFBuilder[F, G]]
Attributes
- Source:
- CSRF.scala
def withKeyBytes[F[_] : Sync, G[_] : Applicative](keyBytes: Array[Byte], headerCheck: Request[G] => Boolean): F[CSRFBuilder[F, G]]
Attributes
- Source:
- CSRF.scala
Deprecated fields
Attributes
- Deprecated
- true
- Source:
- CSRF.scala