Class DefaultCsrfToken
- java.lang.Object
-
- org.springframework.security.web.csrf.DefaultCsrfToken
-
- All Implemented Interfaces:
java.io.Serializable,CsrfToken
public final class DefaultCsrfToken extends java.lang.Object implements CsrfToken
A CSRF token that is used to protect against CSRF attacks.- Since:
- 3.2
- See Also:
- Serialized Form
-
-
Constructor Summary
Constructors Constructor Description DefaultCsrfToken(java.lang.String headerName, java.lang.String parameterName, java.lang.String token)Creates a new instance
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.StringgetHeaderName()Gets the HTTP header that the CSRF is populated on the response and can be placed on requests instead of the parameter.java.lang.StringgetParameterName()Gets the HTTP parameter name that should contain the token.java.lang.StringgetToken()Gets the token value.
-
-
-
Constructor Detail
-
DefaultCsrfToken
public DefaultCsrfToken(java.lang.String headerName, java.lang.String parameterName, java.lang.String token)Creates a new instance- Parameters:
headerName- the HTTP header name to useparameterName- the HTTP parameter name to usetoken- the value of the token (i.e. expected value of the HTTP parameter of parametername).
-
-
Method Detail
-
getHeaderName
public java.lang.String getHeaderName()
Description copied from interface:CsrfTokenGets the HTTP header that the CSRF is populated on the response and can be placed on requests instead of the parameter. Cannot be null.- Specified by:
getHeaderNamein interfaceCsrfToken- Returns:
- the HTTP header that the CSRF is populated on the response and can be placed on requests instead of the parameter
-
getParameterName
public java.lang.String getParameterName()
Description copied from interface:CsrfTokenGets the HTTP parameter name that should contain the token. Cannot be null.- Specified by:
getParameterNamein interfaceCsrfToken- Returns:
- the HTTP parameter name that should contain the token.
-
-