Class CsrfTokenValidateFilter

java.lang.Object
org.apache.drill.yarn.appMaster.http.CsrfTokenValidateFilter
All Implemented Interfaces:
javax.servlet.Filter

public class CsrfTokenValidateFilter extends Object implements javax.servlet.Filter
All forms on site have a field with a CSRF token injected by server. This filter compares the token with one stored in the session to ensure that the POST request is not a CSRF attack.
  • Constructor Details

    • CsrfTokenValidateFilter

      public CsrfTokenValidateFilter()
  • Method Details

    • init

      public void init(javax.servlet.FilterConfig filterConfig) throws javax.servlet.ServletException
      Specified by:
      init in interface javax.servlet.Filter
      Throws:
      javax.servlet.ServletException
    • doFilter

      public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException
      Specified by:
      doFilter in interface javax.servlet.Filter
      Throws:
      IOException
      javax.servlet.ServletException
    • destroy

      public void destroy()
      Specified by:
      destroy in interface javax.servlet.Filter