CSRFConfig

CSRF configuration.

tokenName: The name of the token.
cookieName: If defined, the name of the cookie to read the token from/write the token to.
secureCookie: If using a cookie, whether it should be secure.
httpOnlyCookie: If using a cookie, whether it should have the HTTP only flag.
postBodyBuffer: How much of the POST body should be buffered if checking the body for a token.
signTokens: Whether tokens should be signed.
checkMethod: Returns true if a request for that method should be checked.
checkContentType: Returns true if a request for that content type should be checked.
headerName: The name of the HTTP header to check for tokens from.
shouldProtect: A function that decides based on the headers of the request if a check is needed.
bypassCorsTrustedOrigins: Whether to bypass the CSRF check if the CORS filter trusts this origin

Source: csrf.scala

Linear Supertypes

Serializable, Serializable, Product, Equals, AnyRef, Any

Instance Constructors

new CSRFConfig()
new CSRFConfig(tokenName: String = "csrfToken", cookieName: Option[String] = None, secureCookie: Boolean = false, httpOnlyCookie: Boolean = false, createIfNotFound: (RequestHeader) ⇒ Boolean = CSRFConfig.defaultCreateIfNotFound, postBodyBuffer: Long = 102400, signTokens: Boolean = true, checkMethod: (String) ⇒ Boolean = !CSRFConfig.SafeMethods.contains(_), checkContentType: (Option[String]) ⇒ Boolean = _ => true, headerName: String = "Csrf-Token", shouldProtect: (RequestHeader) ⇒ Boolean = _ => false, bypassCorsTrustedOrigins: Boolean = true)

tokenName
The name of the token.
cookieName
If defined, the name of the cookie to read the token from/write the token to.
secureCookie
If using a cookie, whether it should be secure.
httpOnlyCookie
If using a cookie, whether it should have the HTTP only flag.
postBodyBuffer
How much of the POST body should be buffered if checking the body for a token.
signTokens
Whether tokens should be signed.
checkMethod
Returns true if a request for that method should be checked.
checkContentType
Returns true if a request for that content type should be checked.
headerName
The name of the HTTP header to check for tokens from.
shouldProtect
A function that decides based on the headers of the request if a check is needed.
bypassCorsTrustedOrigins
Whether to bypass the CSRF check if the CORS filter trusts this origin

Value Members

final def !=(arg0: Any): Boolean

Definition Classes
AnyRef → Any
final def ##(): Int

Definition Classes
AnyRef → Any
final def ==(arg0: Any): Boolean

Definition Classes
AnyRef → Any
final def asInstanceOf[T0]: T0

Definition Classes
Any
val bypassCorsTrustedOrigins: Boolean

Whether to bypass the CSRF check if the CORS filter trusts this origin
val checkContentType: (Option[String]) ⇒ Boolean

Returns true if a request for that content type should be checked.
val checkMethod: (String) ⇒ Boolean

Returns true if a request for that method should be checked.
def clone(): AnyRef

Attributes
protected[java.lang]
Definition Classes
AnyRef
Annotations
@throws( ... )
val cookieName: Option[String]

If defined, the name of the cookie to read the token from/write the token to.
val createIfNotFound: (RequestHeader) ⇒ Boolean
final def eq(arg0: AnyRef): Boolean

Definition Classes
AnyRef
def finalize(): Unit

Attributes
protected[java.lang]
Definition Classes
AnyRef
Annotations
@throws( classOf[java.lang.Throwable] )
final def getClass(): Class[_]

Definition Classes
AnyRef → Any
val headerName: String

The name of the HTTP header to check for tokens from.
val httpOnlyCookie: Boolean

If using a cookie, whether it should have the HTTP only flag.
final def isInstanceOf[T0]: Boolean

Definition Classes
Any
final def ne(arg0: AnyRef): Boolean

Definition Classes
AnyRef
final def notify(): Unit

Definition Classes
AnyRef
final def notifyAll(): Unit

Definition Classes
AnyRef
val postBodyBuffer: Long

How much of the POST body should be buffered if checking the body for a token.
val secureCookie: Boolean

If using a cookie, whether it should be secure.
val shouldProtect: (RequestHeader) ⇒ Boolean

A function that decides based on the headers of the request if a check is needed.
val signTokens: Boolean

Whether tokens should be signed.
final def synchronized[T0](arg0: ⇒ T0): T0

Definition Classes
AnyRef
val tokenName: String

The name of the token.
final def wait(): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
final def wait(arg0: Long, arg1: Int): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
final def wait(arg0: Long): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
def withBypassCorsTrustedOrigins(bypass: Boolean): CSRFConfig
def withContentTypes(checkContentType: Predicate[Optional[String]]): CSRFConfig
def withCookieName(cookieName: Optional[String]): CSRFConfig
def withCreateIfNotFound(pred: Predicate[RequestHeader]): CSRFConfig
def withHeaderName(headerName: String): CSRFConfig
def withHttpOnlyCookie(isHttpOnly: Boolean): CSRFConfig
def withMethods(checkMethod: Predicate[String]): CSRFConfig
def withPostBodyBuffer(bufsize: Long): CSRFConfig
def withSecureCookie(isSecure: Boolean): CSRFConfig
def withShouldProtect(shouldProtect: Predicate[RequestHeader]): CSRFConfig
def withSignTokens(signTokens: Boolean): CSRFConfig
def withTokenName(tokenName: String): CSRFConfig

Related Docs: object CSRFConfig | package csrf

Instance Constructors

new CSRFConfig()

Value Members

final def !=(arg0: Any): Boolean

final def ##(): Int

final def ==(arg0: Any): Boolean

final def asInstanceOf[T0]: T0

val bypassCorsTrustedOrigins: Boolean

val checkContentType: (Option[String]) ⇒ Boolean

val checkMethod: (String) ⇒ Boolean

def clone(): AnyRef

val cookieName: Option[String]

val createIfNotFound: (RequestHeader) ⇒ Boolean

final def eq(arg0: AnyRef): Boolean

def finalize(): Unit

final def getClass(): Class[_]

val headerName: String

val httpOnlyCookie: Boolean

final def isInstanceOf[T0]: Boolean

final def ne(arg0: AnyRef): Boolean

final def notify(): Unit

final def notifyAll(): Unit

val postBodyBuffer: Long

val secureCookie: Boolean

val shouldProtect: (RequestHeader) ⇒ Boolean

val signTokens: Boolean

final def synchronized[T0](arg0: ⇒ T0): T0

val tokenName: String

final def wait(): Unit

final def wait(arg0: Long, arg1: Int): Unit

final def wait(arg0: Long): Unit

def withBypassCorsTrustedOrigins(bypass: Boolean): CSRFConfig

def withContentTypes(checkContentType: Predicate[Optional[String]]): CSRFConfig

def withCookieName(cookieName: Optional[String]): CSRFConfig

def withCreateIfNotFound(pred: Predicate[RequestHeader]): CSRFConfig

def withHeaderName(headerName: String): CSRFConfig

def withHttpOnlyCookie(isHttpOnly: Boolean): CSRFConfig

def withMethods(checkMethod: Predicate[String]): CSRFConfig

def withPostBodyBuffer(bufsize: Long): CSRFConfig

def withSecureCookie(isSecure: Boolean): CSRFConfig

def withShouldProtect(shouldProtect: Predicate[RequestHeader]): CSRFConfig

def withSignTokens(signTokens: Boolean): CSRFConfig

def withTokenName(tokenName: String): CSRFConfig

Inherited from Serializable

Inherited from Serializable

Inherited from Product

Inherited from Equals

Inherited from AnyRef

Inherited from Any

Ungrouped