org.kohsuke.stapler
Class CrumbIssuer
java.lang.Object
org.kohsuke.stapler.CrumbIssuer
public abstract class CrumbIssuer
- extends java.lang.Object
Generates a nonce value that allows us to protect against cross-site request forgery (CSRF) attacks.
We send this with each JavaScript proxy and verify them when we receive a request.
- Author:
- Kohsuke Kawaguchi
- See Also:
WebApp.getCrumbIssuer()
,
WebApp.setCrumbIssuer(CrumbIssuer)
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
DEFAULT
public static final CrumbIssuer DEFAULT
- Default crumb issuer.
CrumbIssuer
public CrumbIssuer()
issueCrumb
public abstract java.lang.String issueCrumb(StaplerRequest request)
- Issues a crumb for the given request.
issueCrumb
public final java.lang.String issueCrumb()
validateCrumb
public void validateCrumb(StaplerRequest request,
java.lang.String submittedCrumb)
- Validates a crumb that was submitted along with the request.
- Parameters:
request
- The request that submitted the crumbsubmittedCrumb
- The submitted crumb value to be validated.
- Throws:
java.lang.Exception
- If the crumb doesn't match and the request processing should abort.
Copyright © 2011. All Rights Reserved.