CSRFHandlerImpl (Vertx Javadocs 4.0.3.GA API)

java.lang.Object
- io.vertx.ext.web.handler.impl.CSRFHandlerImpl

All Implemented Interfaces:

Handler<RoutingContext>, CSRFHandler
```
public class CSRFHandlerImpl
extends Object
implements CSRFHandler
```
Author:

Paulo Lopes

Field Summary
- Fields inherited from interface io.vertx.ext.web.handler.CSRFHandler
  DEFAULT_COOKIE_NAME, DEFAULT_COOKIE_PATH, DEFAULT_HEADER_NAME

Constructor Summary

Constructors
Constructor and Description

CSRFHandlerImpl(Vertx vertx, String secret)

Constructors
Constructor and Description
`CSRFHandlerImpl(Vertx vertx, String secret)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`handle(RoutingContext ctx)` Something has happened, so handle it.
`CSRFHandler`	`setCookieHttpOnly(boolean httpOnly)` Set the cookie `httpOnly` attribute.
`CSRFHandler`	`setCookieName(String cookieName)` Set the cookie name.
`CSRFHandler`	`setCookiePath(String cookiePath)` Set the cookie path.
`CSRFHandler`	`setHeaderName(String headerName)` Set the header name.
`CSRFHandler`	`setNagHttps(boolean nag)` Should the handler give warning messages if this handler is used in other than https protocols?
`CSRFHandler`	`setOrigin(String origin)` Set the origin for this server.
`CSRFHandler`	`setTimeout(long timeout)` Set the timeout for tokens generated by the handler, by default it uses the default from the session handler.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface io.vertx.ext.web.handler.CSRFHandler
create

- Constructor Detail
  - CSRFHandlerImpl
```
public CSRFHandlerImpl(Vertx vertx,
                       String secret)
```
- Method Detail
  - setOrigin
```
public CSRFHandler setOrigin(String origin)
```
    Description copied from interface: CSRFHandler
    
    Set the origin for this server. When this value is set, extra validation will occur. The request must match the origin server, port and protocol.
    
    Specified by:
    
    setOrigin in interface CSRFHandler
    
    Parameters:
    
    origin - the origin for this server e.g.: https://www.foo.com.
    
    Returns:
    
    fluent
  - setCookieName
```
public CSRFHandler setCookieName(String cookieName)
```
    Description copied from interface: CSRFHandler
    
    Set the cookie name. By default XSRF-TOKEN is used as it is the expected name by AngularJS however other frameworks might use other names.
    
    Specified by:
    
    setCookieName in interface CSRFHandler
    
    Parameters:
    
    cookieName - a new name for the cookie.
    
    Returns:
    
    fluent
  - setCookiePath
```
public CSRFHandler setCookiePath(String cookiePath)
```
    Description copied from interface: CSRFHandler
    
    Set the cookie path. By default / is used.
    
    Specified by:
    
    setCookiePath in interface CSRFHandler
    
    Parameters:
    
    cookiePath - a new path for the cookie.
    
    Returns:
    
    fluent
  - setCookieHttpOnly
```
public CSRFHandler setCookieHttpOnly(boolean httpOnly)
```
    Description copied from interface: CSRFHandler
    
    Set the cookie httpOnly attribute. When setting to false the CSRF handler will behave in Double Submit Cookie mode. When set to true then it will operate in Cookie-to-header mode. For more information https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#double-submit-cookie
    
    Specified by:
    
    setCookieHttpOnly in interface CSRFHandler
    
    Parameters:
    
    httpOnly - a new name for the header.
    
    Returns:
    
    fluent
  - setHeaderName
```
public CSRFHandler setHeaderName(String headerName)
```
    Description copied from interface: CSRFHandler
    
    Set the header name. By default X-XSRF-TOKEN is used as it is the expected name by AngularJS however other frameworks might use other names.
    
    Specified by:
    
    setHeaderName in interface CSRFHandler
    
    Parameters:
    
    headerName - a new name for the header.
    
    Returns:
    
    fluent
  - setTimeout
```
public CSRFHandler setTimeout(long timeout)
```
    Description copied from interface: CSRFHandler
    
    Set the timeout for tokens generated by the handler, by default it uses the default from the session handler.
    
    Specified by:
    
    setTimeout in interface CSRFHandler
    
    Parameters:
    
    timeout - token timeout
    
    Returns:
    
    fluent
  - setNagHttps
```
public CSRFHandler setNagHttps(boolean nag)
```
    Description copied from interface: CSRFHandler
    
    Should the handler give warning messages if this handler is used in other than https protocols?
    
    Specified by:
    
    setNagHttps in interface CSRFHandler
    
    Parameters:
    
    nag - true to nag
    
    Returns:
    
    fluent
  - handle
```
public void handle(RoutingContext ctx)
```
    Description copied from interface: Handler
    
    Something has happened, so handle it.
    
    Specified by:
    
    handle in interface Handler<RoutingContext>
    
    Parameters:
    
    ctx - the event to handle

Class CSRFHandlerImpl

Field Summary

Fields inherited from interface io.vertx.ext.web.handler.CSRFHandler

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Methods inherited from interface io.vertx.ext.web.handler.CSRFHandler

Constructor Detail

CSRFHandlerImpl

Method Detail

setOrigin

setCookieName

setCookiePath

setCookieHttpOnly

setHeaderName

setTimeout

setNagHttps

handle