Package alpine.filters
Class ClickjackingFilter
- java.lang.Object
-
- alpine.filters.ClickjackingFilter
-
- All Implemented Interfaces:
javax.servlet.Filter
public final class ClickjackingFilter extends Object implements javax.servlet.Filter
Implements HTTP Header Field X-Frame-Options (RFC 7034).
This filter is configured via the applications web.xml.
<init-param> <param-name>mode</param-name> <param-value>DENY</param-value> </init-param>An example implementation in web.xml:<filter> <filter-name>ClickjackingFilter</filter-name> <filter-class>alpine.filters.ClickjackingFilter</filter-class> <init-param> <param-name>mode</param-name> <param-value>DENY</param-value> </init-param> </filter> <filter-mapping> <filter-name>ClickjackingFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>Valid options are DENY, SAMEORIGIN, or ALLOW-FROM. Use of ALLOW-FROM requires an additional 'uri' parameter to be specified.
- Since:
- 1.0.0
- Author:
- Steve Springett
-
-
Constructor Summary
Constructors Constructor Description ClickjackingFilter()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voiddestroy()voiddoFilter(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, javax.servlet.FilterChain chain)voidinit(javax.servlet.FilterConfig filterConfig)
-
-
-
Method Detail
-
init
public void init(javax.servlet.FilterConfig filterConfig)
- Specified by:
initin interfacejavax.servlet.Filter
-
doFilter
public void doFilter(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException- Specified by:
doFilterin interfacejavax.servlet.Filter- Throws:
IOExceptionjavax.servlet.ServletException
-
destroy
public void destroy()
- Specified by:
destroyin interfacejavax.servlet.Filter
-
-