CsrfGuard (OWASP CSRFGuard 3.0.0 API)

java.lang.Object
- org.owasp.csrfguard.CsrfGuard

public final class CsrfGuard
extends Object

Field Summary

Fields
Modifier and Type Field and Description

static String PAGE_TOKENS_KEY

Fields
Modifier and Type	Field and Description
`static String`	`PAGE_TOKENS_KEY`

Constructor Summary

Constructors
Constructor and Description

CsrfGuard()

Constructors
Constructor and Description
`CsrfGuard()`

Method Summary

Methods
Modifier and Type	Method and Description
`List<IAction>`	`getActions()`
`static CsrfGuard`	`getInstance()`
`ILogger`	`getLogger()`
`String`	`getNewTokenLandingPage()`
`SecureRandom`	`getPrng()`
`Set<String>`	`getProtectedMethods()`
`Set<String>`	`getProtectedPages()`
`String`	`getSessionKey()`
`int`	`getTokenLength()`
`String`	`getTokenName()`
`String`	`getTokenValue(javax.servlet.http.HttpServletRequest request)`
`String`	`getTokenValue(javax.servlet.http.HttpServletRequest request, String uri)`
`Set<String>`	`getUnprotectedPages()`
`boolean`	`isAjaxEnabled()`
`boolean`	`isProtectedMethod(String method)`
`boolean`	`isProtectedPage(String uri)`
`boolean`	`isProtectedPageAndMethod(javax.servlet.http.HttpServletRequest request)`
`boolean`	`isProtectedPageAndMethod(String page, String method)`
`boolean`	`isProtectEnabled()`
`boolean`	`isRotateEnabled()`
`boolean`	`isTokenPerPageEnabled()`
`boolean`	`isTokenPerPagePrecreate()`
`boolean`	`isUseNewTokenLandingPage()`
`boolean`	`isValidRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)`
`static void`	`load(Properties properties)`
`void`	`setProtect(boolean protect)`
`String`	`toString()`
`void`	`updateToken(javax.servlet.http.HttpSession session)`
`void`	`updateTokens(javax.servlet.http.HttpServletRequest request)`
`void`	`writeLandingPage(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail
- PAGE_TOKENS_KEY
```
public static final String PAGE_TOKENS_KEY
```
  See Also:
  Constant Field Values

Constructor Detail
- CsrfGuard
```
public CsrfGuard()
```

Method Detail

getInstance
```
public static CsrfGuard getInstance()
```

load

public static void load(Properties properties)
                 throws NoSuchAlgorithmException,
                        InstantiationException,
                        IllegalAccessException,
                        ClassNotFoundException,
                        IOException,
                        NoSuchProviderException

Throws:: NoSuchAlgorithmException; InstantiationException; IllegalAccessException; ClassNotFoundException; IOException; NoSuchProviderException

getLogger
```
public ILogger getLogger()
```

getTokenName
```
public String getTokenName()
```

getTokenLength
```
public int getTokenLength()
```

isRotateEnabled
```
public boolean isRotateEnabled()
```

isTokenPerPageEnabled

public boolean isTokenPerPageEnabled()

isTokenPerPagePrecreate

public boolean isTokenPerPagePrecreate()

getPrng
```
public SecureRandom getPrng()
```

getNewTokenLandingPage

public String getNewTokenLandingPage()

isUseNewTokenLandingPage

public boolean isUseNewTokenLandingPage()

isAjaxEnabled
```
public boolean isAjaxEnabled()
```

isProtectEnabled
```
public boolean isProtectEnabled()
```

setProtect

public void setProtect(boolean protect)

getSessionKey
```
public String getSessionKey()
```

getProtectedPages

public Set<String> getProtectedPages()

getUnprotectedPages

public Set<String> getUnprotectedPages()

getProtectedMethods

public Set<String> getProtectedMethods()

getActions
```
public List<IAction> getActions()
```

getTokenValue

public String getTokenValue(javax.servlet.http.HttpServletRequest request)

getTokenValue

public String getTokenValue(javax.servlet.http.HttpServletRequest request,
                   String uri)

isValidRequest

public boolean isValidRequest(javax.servlet.http.HttpServletRequest request,
                     javax.servlet.http.HttpServletResponse response)

updateToken

public void updateToken(javax.servlet.http.HttpSession session)

updateTokens

public void updateTokens(javax.servlet.http.HttpServletRequest request)

writeLandingPage

public void writeLandingPage(javax.servlet.http.HttpServletRequest request,
                    javax.servlet.http.HttpServletResponse response)
                      throws IOException

Throws:: IOException

toString
```
public String toString()
```
Overrides:

toString in class Object

isProtectedPage

public boolean isProtectedPage(String uri)

isProtectedMethod

public boolean isProtectedMethod(String method)

isProtectedPageAndMethod

public boolean isProtectedPageAndMethod(String page,
                               String method)

isProtectedPageAndMethod

public boolean isProtectedPageAndMethod(javax.servlet.http.HttpServletRequest request)

Class CsrfGuard

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

PAGE_TOKENS_KEY

Constructor Detail

CsrfGuard

Method Detail

getInstance

load

getLogger

getTokenName

getTokenLength

isRotateEnabled

isTokenPerPageEnabled

isTokenPerPagePrecreate

getPrng

getNewTokenLandingPage

isUseNewTokenLandingPage

isAjaxEnabled

isProtectEnabled

setProtect

getSessionKey

getProtectedPages

getUnprotectedPages

getProtectedMethods

getActions

getTokenValue

getTokenValue

isValidRequest

updateToken

updateTokens

writeLandingPage

toString

isProtectedPage

isProtectedMethod

isProtectedPageAndMethod

isProtectedPageAndMethod