info.magnolia.cms.security
Class CsrfSecurityFilter
java.lang.Object
info.magnolia.cms.filters.AbstractMgnlFilter
info.magnolia.cms.security.BaseSecurityFilter
info.magnolia.cms.security.CsrfSecurityFilter
All Implemented Interfaces: MgnlFilter, javax.servlet.Filter
public class CsrfSecurityFilter extends BaseSecurityFilter
Ensures that the request is not a CSRF attack.
See: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet
isAllowed should fail if:
- The Referer header is blank.
- The host named in the Referer header does not match the host that was actually requested.
To provide flexibility, two of the key checks are performed by voters in the filter's bypasses node rather than explicitly here in code. The default bypasses configuration includes:
- Excludes any request URL that doesn't start with '/.magnolia', via a URIStartsWithVoter.
- Excludes all non-authenticated requests, via an AuthenticatedVoter.
To white-list specific referrer domains or URIs, set up bypasses in the filter's configuration using, for example, the RequestHeaderPatternVoter or RequestHeaderRegexVoter.
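The following is an added, stand-alone illustration of the referrer check and the default bypasses described above; it is not Magnolia's code and uses no Magnolia or servlet classes. The class name RefererCsrfCheck, the Decision enum and the check(...) signature are assumptions chosen for this example, and the hosts and URLs in main are constructed sample values. It shows why the comparison must be on the whole parsed host rather than a string-prefix match, and why a Host header carrying a port has to be normalised before comparison.

```java
import java.net.URI;
import java.net.URISyntaxException;

/**
 * Added example (not Magnolia code): mirrors the two failure conditions
 * (blank Referer, Referer host differing from the requested host) and the
 * two default bypasses (URIs outside /.magnolia, unauthenticated requests)
 * using plain strings so it runs without a servlet container.
 */
public class RefererCsrfCheck {

    /** Outcome of the check; a caller would log the reason and send 403 on the failing cases. */
    public enum Decision { ALLOWED, BYPASSED, BLANK_REFERER, HOST_MISMATCH, MALFORMED_REFERER }

    private static final String PROTECTED_PREFIX = "/.magnolia";

    /**
     * @param requestUri    path of the request, e.g. "/.magnolia/admincentral"
     * @param requestHost   value of the Host header, possibly with a port
     * @param referer       raw Referer header, or null if absent
     * @param authenticated whether the request carries an authenticated user
     */
    public static Decision check(String requestUri, String requestHost, String referer, boolean authenticated) {
        // Default bypasses: only authenticated requests under /.magnolia are checked.
        if (requestUri == null || !requestUri.startsWith(PROTECTED_PREFIX) || !authenticated) {
            return Decision.BYPASSED;
        }
        // Check 1: a blank Referer fails closed.
        if (referer == null || referer.trim().isEmpty()) {
            return Decision.BLANK_REFERER;
        }
        // Check 2: the parsed Referer host must equal the host actually requested.
        String refererHost;
        try {
            refererHost = new URI(referer.trim()).getHost();
        } catch (URISyntaxException e) {
            return Decision.MALFORMED_REFERER;
        }
        if (refererHost == null) {
            return Decision.MALFORMED_REFERER;
        }
        // Whole-host equality: "cms.example.test" versus "cms.example.test.attacker.example"
        // is a mismatch, which a startsWith-style comparison would wrongly accept.
        if (!refererHost.equalsIgnoreCase(stripPort(requestHost))) {
            return Decision.HOST_MISMATCH;
        }
        return Decision.ALLOWED;
    }

    /** The Host header may carry a port ("cms.example.test:8080"); drop a trailing ":port" only. */
    static String stripPort(String host) {
        if (host == null) return "";
        int colon = host.lastIndexOf(':');
        // IPv6 literals contain colons inside brackets; strip only a colon after the closing bracket.
        if (colon > host.lastIndexOf(']')) {
            return host.substring(0, colon);
        }
        return host;
    }

    public static void main(String[] args) {
        // Constructed sample requests (not real traffic).
        String host = "cms.example.test:8080";
        System.out.println("same-host referer:    " + check("/.magnolia/admincentral", host, "http://cms.example.test:8080/.magnolia/", true));
        System.out.println("blank referer:        " + check("/.magnolia/admincentral", host, "", true));
        System.out.println("foreign referer:      " + check("/.magnolia/admincentral", host, "http://evil.example/form.html", true));
        System.out.println("prefix-lookalike:     " + check("/.magnolia/admincentral", host, "http://cms.example.test.evil.example/", true));
        System.out.println("unauthenticated:      " + check("/.magnolia/admincentral", host, null, false));
        System.out.println("outside /.magnolia:   " + check("/news/article.html", host, null, true));
    }
}
```

In the real filter the bypass decisions come from the configured voters rather than the two hard-coded conditions at the top of check(...), and the white-listing of additional referrer hosts would be expressed as further bypasses (RequestHeaderPatternVoter or RequestHeaderRegexVoter) instead of a second comparison in code.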
Method Summary
protected void handlePossibleCsrf(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String referer, String url)
    Actions to take when a CSRF attack is detected.
boolean isAllowed(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
    Implementations need to return false if the request cannot proceed, and must also set an appropriate error code.
protected boolean isLoginPage(String actualPath)
    The login page is exempted from the referrer check.
Methods inherited from class info.magnolia.cms.filters.AbstractMgnlFilter
acceptsEncoding, acceptsGzipEncoding, addAndVerifyHeader, addBypass, addMapping, bypasses, destroy, doFilter, getBypasses, getDispatching, getMapping, getMappings, getName, headerContains, init, isEnabled, mapsTo, matches, matchesDispatching, setDispatching, setEnabled, setName
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
ADMINCENTRAL_LOGIN_PATH
protected final String ADMINCENTRAL_LOGIN_PATH
See Also: Constant Field Values
CsrfSecurityFilter
public CsrfSecurityFilter()
isAllowed
public boolean isAllowed(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException
Description copied from class: BaseSecurityFilter
Implementations need to return false if the request cannot proceed, and must also set an appropriate error code.
Specified by: isAllowed in class BaseSecurityFilter
Throws: IOException
handlePossibleCsrf
protected void handlePossibleCsrf(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String referer, String url)
Actions to take when a CSRF attack is detected: log it, set the response status to forbidden, and set a request attribute so the login page can display a message.
isLoginPage
protected boolean isLoginPage(String actualPath)
The login page is exempted from the referrer check.
Copyright © 2003–2014 Magnolia International Ltd. All rights reserved.