How to reject a request if the request contains an unwanted referer header in JBoss EAP 7

Solution Unverified - Updated -

Issue

  • How do I reject a request (or redirect to another page) if the request contains an unwanted referer header in JBoss EAP 7?
  • I would like to implement "checking the Referer header" to protect against Cross-Site Request Forgery (CSRF), as mentioned in this OWASP page. Is it possible to add this checking mechanism at the JBoss EAP 7 configuration layer?

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 7.x
