| Interface | Description |
|---|---|
| XsrfCheckResult |
The result of the XSRF checks
|
| XsrfDefaults |
This represents the default values from jira-application properties for controlling XSRF
|
| XsrfInvocationChecker |
Checks that a web-request (either WebWork action or HttpServlet) has been invoked with the correct
XSRF token.
|
| XsrfTokenGenerator |
Interface for generating anti-XSRF tokens for web forms.
|
| Class | Description |
|---|---|
| BootstrapXsrfTokenGenerator |
A no-op XsrfTokenGenerator that is added to the Bootstrap container because it is required in Servlet Filters.
|
| DefaultXsrfInvocationChecker |
This class will check that a web-request (either WebWork action or HttpServlet) has been invoked with the correct
XSRF token.
|
| OriginChecker |
Assists with validating whether HTTP request meets XSRF origin policy
|
| SimpleXsrfTokenGenerator |
Implementation of XsrfTokenGenerator that stores a unique token depending
on strategy resolved
- requests originated by jira (webwork) run with
XsrfTokenStrategy.Type.SESSION strategy
- external requests (like REST calls) run with XsrfTokenStrategy.Type.COOKIE strategy |
| XsrfDefaultsImpl |
An implementation of
XsrfDefaults |
| XsrfTokenAdditionRequestFilter |
This request
Filter will set a XSRF token into the session IF there is a user AND they dont
already have a token. |
| XsrfVulnerabilityDetectionSQLInterceptor |
SQL Interceptor that detects changes to the database that aren't xsrf protected
|
| Exception | Description |
|---|---|
| XsrfFailureException |
This is thrown when a request fails an XSRF check and user retry is not allowed.
|
| XsrfRecoverableFailureException |
This is thrown when a request fails an XSRF check but we allow user to retry operation.
|
| Annotation Type | Description |
|---|---|
| RequiresXsrfCheck |
The annotation used to indicate that a method needs XSRF protection checking
|
Copyright © 2002-2022 Atlassian. All Rights Reserved.