Class WebUtils

java.lang.Object
org.apache.drill.exec.server.rest.WebUtils

public class WebUtils extends Object
  • Constructor Details

    • WebUtils

      public WebUtils()
  • Method Details

    • getCsrfTokenFromHttpRequest

      public static String getCsrfTokenFromHttpRequest(javax.servlet.http.HttpServletRequest request)
      Retrieves the CSRF protection token from the HTTP request.
      Parameters:
      request - HTTP request that contains a session that stores a CSRF protection token. If there is no session, that means that authentication is disabled.
      Returns:
      CSRF protection token, or an empty string if there is no session present.
    • generateCsrfToken

      public static String generateCsrfToken()
      Generates a BASE64 encoded CSRF token from randomly generated 256-bit buffer according to the OWASP CSRF Prevention Cheat Sheet
      Returns:
      randomly generated CSRF token.