Class: VertxWeb::CSRFHandler
- Inherits:
-
Object
- Object
- VertxWeb::CSRFHandler
show all
- Defined in:
- /Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb
Overview
This handler adds a CSRF token to requests which mutate state. In order change the state a (XSRF-TOKEN) cookie is set
with a unique token, that is expected to be sent back in a (X-XSRF-TOKEN) header.
The behavior is to check the request body header and cookie for validity.
This Handler requires session support, thus should be added somewhere below Session and Body handlers.
Constant Summary
- @@j_api_type =
Object.new
Class Method Summary
(collapse)
Instance Method Summary
(collapse)
Class Method Details
+ (Boolean) accept?(obj)
23
24
25
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 23
def @@j_api_type.accept?(obj)
obj.class == CSRFHandler
end
|
Instantiate a new CSRFHandlerImpl with a secret
CSRFHandler.create("s3cr37")
54
55
56
57
58
59
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 54
def self.create(secret=nil)
if secret.class == String && !block_given?
return ::Vertx::Util::Utils.safe_create(Java::IoVertxExtWebHandler::CSRFHandler.java_method(:create, [Java::java.lang.String.java_class]).call(secret),::VertxWeb::CSRFHandler)
end
raise ArgumentError, "Invalid arguments when calling create(#{secret})"
end
|
+ (Object) DEFAULT_COOKIE_NAME
122
123
124
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 122
def self.DEFAULT_COOKIE_NAME
Java::IoVertxExtWebHandler::CSRFHandler.DEFAULT_COOKIE_NAME
end
|
+ (Object) DEFAULT_COOKIE_PATH
125
126
127
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 125
def self.DEFAULT_COOKIE_PATH
Java::IoVertxExtWebHandler::CSRFHandler.DEFAULT_COOKIE_PATH
end
|
128
129
130
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 128
def self.DEFAULT_HEADER_NAME
Java::IoVertxExtWebHandler::CSRFHandler.DEFAULT_HEADER_NAME
end
|
+ (Object) DEFAULT_RESPONSE_BODY
131
132
133
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 131
def self.DEFAULT_RESPONSE_BODY
Java::IoVertxExtWebHandler::CSRFHandler.DEFAULT_RESPONSE_BODY
end
|
+ (Object) j_api_type
32
33
34
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 32
def self.j_api_type
@@j_api_type
end
|
+ (Object) j_class
35
36
37
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 35
def self.j_class
Java::IoVertxExtWebHandler::CSRFHandler.java_class
end
|
+ (Object) unwrap(obj)
29
30
31
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 29
def @@j_api_type.unwrap(obj)
obj.j_del
end
|
+ (Object) wrap(obj)
26
27
28
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 26
def @@j_api_type.wrap(obj)
CSRFHandler.new(obj)
end
|
Instance Method Details
- (void) handle(event = nil)
This method returns an undefined value.
Something has happened, so handle it.
41
42
43
44
45
46
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 41
def handle(event=nil)
if event.class.method_defined?(:j_del) && !block_given?
return @j_del.java_method(:handle, [Java::IoVertxExtWeb::RoutingContext.java_class]).call(event.j_del)
end
raise ArgumentError, "Invalid arguments when calling handle(#{event})"
end
|
- (self) set_cookie_name(name = nil)
Set the cookie name. By default XSRF-TOKEN is used as it is the expected name by AngularJS however other frameworks
might use other names.
64
65
66
67
68
69
70
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 64
def set_cookie_name(name=nil)
if name.class == String && !block_given?
@j_del.java_method(:setCookieName, [Java::java.lang.String.java_class]).call(name)
return self
end
raise ArgumentError, "Invalid arguments when calling set_cookie_name(#{name})"
end
|
- (self) set_cookie_path(path = nil)
Set the cookie path. By default / is used.
74
75
76
77
78
79
80
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 74
def set_cookie_path(path=nil)
if path.class == String && !block_given?
@j_del.java_method(:setCookiePath, [Java::java.lang.String.java_class]).call(path)
return self
end
raise ArgumentError, "Invalid arguments when calling set_cookie_path(#{path})"
end
|
Set the header name. By default X-XSRF-TOKEN is used as it is the expected name by AngularJS however other
frameworks might use other names.
85
86
87
88
89
90
91
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 85
def (name=nil)
if name.class == String && !block_given?
@j_del.java_method(:setHeaderName, [Java::java.lang.String.java_class]).call(name)
return self
end
raise ArgumentError, "Invalid arguments when calling set_header_name(#{name})"
end
|
- (self) set_nag_https(nag = nil)
Should the handler give warning messages if this handler is used in other than https protocols?
95
96
97
98
99
100
101
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 95
def set_nag_https(nag=nil)
if (nag.class == TrueClass || nag.class == FalseClass) && !block_given?
@j_del.java_method(:setNagHttps, [Java::boolean.java_class]).call(nag)
return self
end
raise ArgumentError, "Invalid arguments when calling set_nag_https(#{nag})"
end
|
- (self) set_response_body(responseBody = nil)
Set the body returned by the handler when the XSRF token is missing or invalid.
105
106
107
108
109
110
111
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 105
def set_response_body(responseBody=nil)
if responseBody.class == String && !block_given?
@j_del.java_method(:setResponseBody, [Java::java.lang.String.java_class]).call(responseBody)
return self
end
raise ArgumentError, "Invalid arguments when calling set_response_body(#{responseBody})"
end
|
- (self) set_timeout(timeout = nil)
Set the timeout for tokens generated by the handler, by default it uses the default from the session handler.
115
116
117
118
119
120
121
|
# File '/Users/julien/java/vertx-aggregator/modules/vertx-lang-ruby/vertx-lang-ruby/target/classes/vertx-web/csrf_handler.rb', line 115
def set_timeout(timeout=nil)
if timeout.class == Fixnum && !block_given?
@j_del.java_method(:setTimeout, [Java::long.java_class]).call(timeout)
return self
end
raise ArgumentError, "Invalid arguments when calling set_timeout(#{timeout})"
end
|