org.http4s.server.middleware.CSRF$
See theCSRF companion class
object CSRF
Attributes
- Companion:
- class
- Source:
- CSRF.scala
- Graph
- Supertypes
- Self type
- CSRF.type
Members list
Concise view
Type members
Classlikes
Attributes
- Source:
- CSRF.scala
- Graph
- Supertypes
Attributes
- Source:
- CSRF.scala
- Graph
- Supertypes
- trait Singletontrait Producttrait Mirrortrait Producttrait Equalstrait NoStackTraceclass Exceptionclass Throwabletrait Serializableclass Objecttrait Matchableclass Any
- Self type
- CSRFCheckFailed.type
Types
Attributes
- Source:
- CSRF.scala
Attributes
- Source:
- CSRF.scala
type CSRFToken
Attributes
- Source:
- CSRF.scala
Value members
Concrete methods
def apply[F[_] : Async, G[_] : Applicative](key: ByteVector, headerCheck: Request[G] => Boolean): CSRFBuilder[F, G]
Attributes
- Source:
- CSRF.scala
Build a new HMACSHA1 Key for our CSRF Middleware
from key bytes. This operation is unsafe, in that
any amount less than 20 bytes will throw an exception when loaded
into Mac. Any keys larger than 64 bytes are just hashed.
Build a new HMACSHA1 Key for our CSRF Middleware
from key bytes. This operation is unsafe, in that
any amount less than 20 bytes will throw an exception when loaded
into Mac. Any keys larger than 64 bytes are just hashed.
For more information, refer to: https://datatracker.ietf.org/doc/html/rfc2104#section-3
Use for loading a key from a config file, after having generated one safely
Attributes
- Source:
- CSRF.scala
Attributes
- Source:
- CSRF.scala
def checkCSRFinHeaderAndForm[F[_], G[_] : Concurrent](fieldName: String, nt: FunctionK[G, F])(implicit evidence$13: Concurrent[G], F: Async[F]): CSRF[F, G] => F => G
Attributes
- Source:
- CSRF.scala
def Uri.fromString(o.head.value)match{
caseRight(uri)=>
Some.apply[Uri](uri)
caseLeft(_)=>
None
})).exists(((u:Uri)=>u.host.exists(((_$45:Host)=>_$45.value.==(host))).&&(u.scheme.contains[Scheme](sc)).&&(u.port.==(port)))).||(r.headers.get[Referer](singleHeaders[Referer](headerInstance)).exists(((`u₂`:Referer)=>`u₂`.uri.host.exists(((_$46:Host)=>_$46.value.==(host))).&&(`u₂`.uri.scheme.contains[Scheme](sc)).&&(`u₂`.uri.port.==(port)))))" t="n"class="documentableName ">defaultOriginCheck[F[_]](r: Request[F], host: String, sc: Scheme, port: Option[Int]): Boolean
Check origin matches our proposed origin.
Generate a signing Key for the CSRF token
A Constant-time string equality
Attributes
- Source:
- CSRF.scala
A Constant-time string equality
Attributes
- Source:
- CSRF.scala
def withDefaultOriginCheck[F[_] : Async, G[_] : Applicative](key: ByteVector, host: String, scheme: Scheme, port: Option[Int]): CSRFBuilder[F, G]
Attributes
- Source:
- CSRF.scala
Attributes
- Source:
- CSRF.scala
def withGeneratedKey[F[_] : Async, G[_] : Applicative](headerCheck: Request[G] => Boolean): F[CSRFBuilder[F, G]]
Attributes
- Source:
- CSRF.scala
def withKeyBytes[F[_] : Async, G[_] : Applicative](keyBytes: Array[Byte], headerCheck: Request[G] => Boolean): F[CSRFBuilder[F, G]]
Attributes
- Source:
- CSRF.scala