@InterfaceAudience.Public @InterfaceStability.Evolving public class RestCsrfPreventionFilter extends Object implements javax.servlet.Filter
| Modifier and Type | Field and Description | 
|---|---|
| static String | BROWSER_USER_AGENT_PARAM | 
| static String | CUSTOM_HEADER_PARAM | 
| static String | CUSTOM_METHODS_TO_IGNORE_PARAM | 
| static String | HEADER_DEFAULT | 
| static String | HEADER_USER_AGENT | 
| Constructor and Description | 
|---|
| RestCsrfPreventionFilter() | 
| Modifier and Type | Method and Description | 
|---|---|
| void | destroy() | 
| void | doFilter(javax.servlet.ServletRequest request,
        javax.servlet.ServletResponse response,
        javax.servlet.FilterChain chain) | 
| static Map<String,String> | getFilterParams(Configuration conf,
               String confPrefix)Constructs a mapping of configuration properties to be used for filter
 initialization. | 
| void | handleHttpInteraction(org.apache.hadoop.security.http.RestCsrfPreventionFilter.HttpInteraction httpInteraction)Handles an  RestCsrfPreventionFilter.HttpInteractionby applying the filtering logic. | 
| void | init(javax.servlet.FilterConfig filterConfig) | 
| protected boolean | isBrowser(String userAgent)This method interrogates the User-Agent String and returns whether it
 refers to a browser. | 
public static final String HEADER_USER_AGENT
public static final String BROWSER_USER_AGENT_PARAM
public static final String CUSTOM_HEADER_PARAM
public static final String CUSTOM_METHODS_TO_IGNORE_PARAM
public static final String HEADER_DEFAULT
public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException
init in interface javax.servlet.Filterjavax.servlet.ServletExceptionprotected boolean isBrowser(String userAgent)
A User-Agent String is considered to be a browser if it matches any of the regex patterns from browser-useragent-regex; the default behavior is to consider everything a browser that matches the following: "^Mozilla.*,^Opera.*". Subclasses can optionally override this method to use different behavior.
userAgent - The User-Agent String, or null if there isn't onepublic void handleHttpInteraction(org.apache.hadoop.security.http.RestCsrfPreventionFilter.HttpInteraction httpInteraction)
                           throws IOException,
                                  javax.servlet.ServletException
RestCsrfPreventionFilter.HttpInteraction by applying the filtering logic.httpInteraction - caller's HTTP interactionIOException - if there is an I/O errorjavax.servlet.ServletException - if the implementation relies on the servlet API
     and a servlet API call has failedpublic void doFilter(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain chain)
              throws IOException,
                     javax.servlet.ServletException
doFilter in interface javax.servlet.FilterIOExceptionjavax.servlet.ServletExceptionpublic void destroy()
destroy in interface javax.servlet.Filterpublic static Map<String,String> getFilterParams(Configuration conf, String confPrefix)
conf - configuration to readconfPrefix - configuration prefixCopyright © 2023 Apache Software Foundation. All rights reserved.