org.http4s.server.middleware.CSRF$
See theCSRF companion class
object CSRF
Attributes
- Companion
- class
- Source
- CSRF.scala
- Graph
-
- Supertypes
- Self type
-
CSRF.type
Members list
Type members
Classlikes
Attributes
- Source
- CSRF.scala
- Supertypes
case object CSRFCheckFailed extends Exception, NoStackTrace
Attributes
- Source
- CSRF.scala
- Supertypes
-
trait Singletontrait Producttrait Mirrortrait Producttrait Equalstrait NoStackTraceclass Exceptionclass Throwabletrait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
CSRFCheckFailed.type
Types
Attributes
- Source
- CSRF.scala
Attributes
- Source
- CSRF.scala
type CSRFToken
Attributes
- Source
- CSRF.scala
Value members
Concrete methods
def :Nothing<:Any]=>SyncIO[A]](forApplicativeThrow[[A>:Nothing<:Any]=>SyncIO[A]](syncForSyncIO)).importJavaKey(key).unsafeRunSync(),headerCheck=headerCheck,csrfCheck=checkCSRFDefault[F,G](evidence$2))(evidence$2,evidence$3)" t="n"class="documentableName ">apply[F[_] : Sync, G[_] : Applicative](key: SecretKey, headerCheck: Request[G] => Boolean): CSRFBuilder[F, G]
Attributes
- Source
- CSRF.scala
Build a new HMACSHA1 Key for our CSRF Middleware from key bytes. This operation is unsafe, in that any amount less than 20 bytes will throw an exception when loaded into Mac. Any keys larger than 64 bytes are just hashed.
Build a new HMACSHA1 Key for our CSRF Middleware from key bytes. This operation is unsafe, in that any amount less than 20 bytes will throw an exception when loaded into Mac. Any keys larger than 64 bytes are just hashed.
For more information, refer to: https://datatracker.ietf.org/doc/html/rfc2104#section-3
Use for loading a key from a config file, after having generated one safely
Attributes
- Source
- CSRF.scala
Attributes
- Source
- CSRF.scala
def checkCSRFinHeaderAndForm[F[_], G[_] : Concurrent](fieldName: String, nt: FunctionK[G, F])(implicit evidence$12: Concurrent[G], F: Sync[F]): CSRF[F, G] => F => G
Attributes
- Source
- CSRF.scala
def Uri.fromString(o.head.value)match{ caseRight(uri)=> Some.apply[Uri](uri) caseLeft(_)=> None })).exists(((u:Uri)=>u.host.exists(((_$44:Host)=>_$44.value.==(host))).&&(u.scheme.contains[Scheme](sc)).&&(u.port.==(port)))).||(r.headers.get[Referer](singleHeaders[Referer](headerInstance)).exists(((`u₂`:Referer)=>`u₂`.uri.host.exists(((_$45:Host)=>_$45.value.==(host))).&&(`u₂`.uri.scheme.contains[Scheme](sc)).&&(`u₂`.uri.port.==(port)))))" t="n"class="documentableName ">defaultOriginCheck[F[_]](r: Request[F], host: String, sc: Scheme, port: Option[Int]): Boolean
Check origin matches our proposed origin.
Generate a signing Key for the CSRF token
A Constant-time string equality
Attributes
- Source
- CSRF.scala
A Constant-time string equality
Attributes
- Source
- CSRF.scala
Attributes
- Source
- CSRF.scala
Attributes
- Source
- CSRF.scala
def withGeneratedKey[F[_] : Sync, G[_] : Applicative](headerCheck: Request[G] => Boolean): F[CSRFBuilder[F, G]]
Attributes
- Source
- CSRF.scala
def withKeyBytes[F[_] : Sync, G[_] : Applicative](keyBytes: Array[Byte], headerCheck: Request[G] => Boolean): F[CSRFBuilder[F, G]]
Attributes
- Source
- CSRF.scala
Deprecated fields
Attributes
- Deprecated
- true
- Source
- CSRF.scala
In this article