How to reject a request if the request contains an unwanted referer header in JBoss EAP 7

Solution Unverified - Updated -

Issue

  • How do I reject a request (or redirect to another page) if the request contains an unwanted referer header in JBoss EAP 7?
  • I would like to implement "checking the Referer header" to protect against Cross-Site Request Forgery (CSRF), as mentioned in this OWASP page. Is it possible to add this checking mechanism in the JBoss EAP 7 configuration layer?

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 7.x
