Class CsrfTokenValidateFilter
java.lang.Object
org.apache.drill.yarn.appMaster.http.CsrfTokenValidateFilter
- All Implemented Interfaces:
javax.servlet.Filter
All forms on site have a field with a CSRF token injected by server.
This filter compares the token with one stored in the session to ensure that the POST request is not a CSRF attack.
-
Constructor Summary
-
Method Summary
-
Constructor Details
-
CsrfTokenValidateFilter
public CsrfTokenValidateFilter()
-
-
Method Details
-
init
public void init(javax.servlet.FilterConfig filterConfig) throws javax.servlet.ServletException - Specified by:
init
in interfacejavax.servlet.Filter
- Throws:
javax.servlet.ServletException
-
doFilter
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException - Specified by:
doFilter
in interfacejavax.servlet.Filter
- Throws:
IOException
javax.servlet.ServletException
-
destroy
public void destroy()- Specified by:
destroy
in interfacejavax.servlet.Filter
-