Class: VertxWeb::CSRFHandler

Inherits:
Object
  • Object
show all
Defined in:
/Users/julien/java/vertx-stack/stack-docs/target/rb/vertx-web/csrf_handler.rb

Overview

This handler adds a CSRF token to requests which mutate state. In order change the state a (XSRF-TOKEN) cookie is set with a unique token, that is expected to be sent back in a (X-XSRF-TOKEN) header. The behavior is to check the request body header and cookie for validity. This Handler requires session support, thus should be added somewhere below Session and Body handlers.

Class Method Summary (collapse)

Instance Method Summary (collapse)

Class Method Details

+ (::VertxWeb::CSRFHandler) create(secret = nil)

Instantiate a new CSRFHandlerImpl with a secret


 CSRFHandler.create("s3cr37")

Parameters:

  • secret (String) (defaults to: nil)
    server secret to sign the token.

Returns:

Raises:

  • (ArgumentError)


37
38
39
40
41
42
# File '/Users/julien/java/vertx-stack/stack-docs/target/rb/vertx-web/csrf_handler.rb', line 37

def self.create(secret=nil)
  if secret.class == String && !block_given?
    return ::Vertx::Util::Utils.safe_create(Java::IoVertxExtWebHandler::CSRFHandler.java_method(:create, [Java::java.lang.String.java_class]).call(secret),::VertxWeb::CSRFHandler)
  end
  raise ArgumentError, "Invalid arguments when calling create(secret)"
end

Instance Method Details

- (void) handle(arg0 = nil)

This method returns an undefined value.

Parameters:

Raises:

  • (ArgumentError)


24
25
26
27
28
29
# File '/Users/julien/java/vertx-stack/stack-docs/target/rb/vertx-web/csrf_handler.rb', line 24

def handle(arg0=nil)
  if arg0.class.method_defined?(:j_del) && !block_given?
    return @j_del.java_method(:handle, [Java::IoVertxExtWeb::RoutingContext.java_class]).call(arg0.j_del)
  end
  raise ArgumentError, "Invalid arguments when calling handle(arg0)"
end
Set the cookie name. By default XSRF-TOKEN is used as it is the expected name by AngularJS however other frameworks might use other names.

Parameters:

  • name (String) (defaults to: nil)
    a new name for the cookie.

Returns:

  • (self)

Raises:

  • (ArgumentError)


47
48
49
50
51
52
53
# File '/Users/julien/java/vertx-stack/stack-docs/target/rb/vertx-web/csrf_handler.rb', line 47

def set_cookie_name(name=nil)
  if name.class == String && !block_given?
    @j_del.java_method(:setCookieName, [Java::java.lang.String.java_class]).call(name)
    return self
  end
  raise ArgumentError, "Invalid arguments when calling set_cookie_name(name)"
end

- (self) set_header_name(name = nil)

Set the header name. By default X-XSRF-TOKEN is used as it is the expected name by AngularJS however other frameworks might use other names.

Parameters:

  • name (String) (defaults to: nil)
    a new name for the header.

Returns:

  • (self)

Raises:

  • (ArgumentError)


58
59
60
61
62
63
64
# File '/Users/julien/java/vertx-stack/stack-docs/target/rb/vertx-web/csrf_handler.rb', line 58

def set_header_name(name=nil)
  if name.class == String && !block_given?
    @j_del.java_method(:setHeaderName, [Java::java.lang.String.java_class]).call(name)
    return self
  end
  raise ArgumentError, "Invalid arguments when calling set_header_name(name)"
end

- (self) set_nag_https(nag = nil)

Should the handler give warning messages if this handler is used in other than https protocols?

Parameters:

  • nag (true, false) (defaults to: nil)
    true to nag

Returns:

  • (self)

Raises:

  • (ArgumentError)


68
69
70
71
72
73
74
# File '/Users/julien/java/vertx-stack/stack-docs/target/rb/vertx-web/csrf_handler.rb', line 68

def set_nag_https(nag=nil)
  if (nag.class == TrueClass || nag.class == FalseClass) && !block_given?
    @j_del.java_method(:setNagHttps, [Java::boolean.java_class]).call(nag)
    return self
  end
  raise ArgumentError, "Invalid arguments when calling set_nag_https(nag)"
end

- (self) set_timeout(timeout = nil)

Set the timeout for tokens generated by the handler, by default it uses the default from the session handler.

Parameters:

  • timeout (Fixnum) (defaults to: nil)
    token timeout

Returns:

  • (self)

Raises:

  • (ArgumentError)


78
79
80
81
82
83
84
# File '/Users/julien/java/vertx-stack/stack-docs/target/rb/vertx-web/csrf_handler.rb', line 78

def set_timeout(timeout=nil)
  if timeout.class == Fixnum && !block_given?
    @j_del.java_method(:setTimeout, [Java::long.java_class]).call(timeout)
    return self
  end
  raise ArgumentError, "Invalid arguments when calling set_timeout(timeout)"
end