How to reject a request if the request contains an unwanted referer header in JBoss EAP 7
Issue
- How do I reject a request (or redirect to another page) if the request contains an unwanted referer header in JBoss EAP 7?
- I would like to implement "checking the Referer header" to protect against Cross-Site Request Forgery (CSRF), as mentioned in this OWASP page. Is it possible to add this checking mechanism in the JBoss EAP 7 configuration layer?
Environment
- Red Hat JBoss Enterprise Application Platform (EAP) 7.x