CrumbFilter (Jenkins main module 1.512 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

hudson.security.csrf
Class CrumbFilter

java.lang.Object
  hudson.security.csrf.CrumbFilter

All Implemented Interfaces:: javax.servlet.Filter

public class CrumbFilter
extends Object
implements javax.servlet.Filter
extends Object
implements javax.servlet.Filter

Checks for and validates crumbs on requests that cause state changes, to protect against cross site request forgeries.

Author:: dty

Constructor Summary
`CrumbFilter()`

Method Summary
`void`	`destroy()`
`void`	`doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)`
`CrumbIssuer`	`getCrumbIssuer()` Because servlet containers generally don't specify the ordering of the initialization (and different implementations indeed do this differently --- See HUDSON-3878), we cannot use Hudson to the CrumbIssuer into CrumbFilter eagerly.
`void`	`init(javax.servlet.FilterConfig filterConfig)`
`protected static boolean`	`isMultipart(javax.servlet.http.HttpServletRequest request)`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

CrumbFilter

public CrumbFilter()

Method Detail

getCrumbIssuer

public CrumbIssuer getCrumbIssuer()

Because servlet containers generally don't specify the ordering of the initialization (and different implementations indeed do this differently --- See HUDSON-3878), we cannot use Hudson to the CrumbIssuer into CrumbFilter eagerly.

init

public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException

Specified by:: init in interface javax.servlet.Filter

Throws:: javax.servlet.ServletException

doFilter

public void doFilter(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain chain)
              throws IOException,
                     javax.servlet.ServletException

Specified by:: doFilter in interface javax.servlet.Filter

Throws:: IOException; javax.servlet.ServletException

isMultipart

protected static boolean isMultipart(javax.servlet.http.HttpServletRequest request)

destroy

public void destroy()

Specified by:: destroy in interface javax.servlet.Filter