How to reject a request if the request contains an unwanted referer header in JBoss EAP 6
Issue
- How do I reject a request (or redirect to another page) if the request contains an unwanted referer header in JBoss EAP 6?
- I would like to implement "checking the Referer header" to protect against Cross-Site Request Forgery (CSRF), as mentioned in this OWASP page. Is it possible to add this checking mechanism in the JBoss EAP 6 configuration layer?
Environment
- Red Hat JBoss Enterprise Application Platform (EAP) 6.x