Class DoubleSubmitCookieCsrfTokenValidator

java.lang.Object
com.cksource.ckfinder.http.request.DoubleSubmitCookieCsrfTokenValidator
All Implemented Interfaces:
CsrfTokenValidator

@Component public class DoubleSubmitCookieCsrfTokenValidator extends Object implements CsrfTokenValidator
Application scoped CSRF token validator service.
  • Constructor Details

    • DoubleSubmitCookieCsrfTokenValidator

      public DoubleSubmitCookieCsrfTokenValidator()
  • Method Details

    • isValidRequest

      public boolean isValidRequest(HttpServletRequest request)
      Checks if the request contains a valid CSRF token.

      Some requests pass data as JSON. In this case token might be passed as request attribute.

      Specified by:
      isValidRequest in interface CsrfTokenValidator
      Parameters:
      request - current HTTP request
      Returns:
      true if the CSRF token is valid, false otherwise.
      See Also:
    • getCookieValue

      protected static String getCookieValue(HttpServletRequest request, String name)
      Returns the value of cookie with given name.
      Parameters:
      request - current HTTP request
      name - cookie name
      Returns:
      cookie value or null