Class CsrfProtectionFilter

All Implemented Interfaces:

@Priority(1000) public class CsrfProtectionFilter extends Object implements ContainerRequestFilter
Simple server-side request filter that implements CSRF protection as per the Guidelines for Implementation of REST by NSA (section IV.F) and section 4.3 of this paper. If you add it to the request filters of your application, it will check for X-Requested-By header in each request except for those that don't change state (GET, OPTIONS, HEAD). If the header is not found, it returns Response.Status.BAD_REQUEST response back to the client.
Martin Matula
See Also: