Package org.apache.wicket.protocol.http
Interface IResourceIsolationPolicy
-
- All Known Implementing Classes:
CsrfPreventionRequestCycleListener
,FetchMetadataResourceIsolationPolicy
,OriginResourceIsolationPolicy
,WebSocketAwareCsrfPreventionRequestCycleListener
- Functional Interface:
- This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.
@FunctionalInterface public interface IResourceIsolationPolicy
Interface for the resource isolation policies.Resource isolation policies are designed to protect against cross origin attacks.
See
FetchMetadataResourceIsolationPolicy
for the default implementation used byResourceIsolationRequestCycleListener
.- Author:
- Santiago Diaz - saldiaz@google.com, Ecenaz Jen Ozmen - ecenazo@google.com
- See Also:
- https://web.dev/fetch-metadata/
-
-
Nested Class Summary
Nested Classes Modifier and Type Interface Description static class
IResourceIsolationPolicy.ResourceIsolationOutcome
Indicates the outcome for a resource isolation policy for a request.
-
Method Summary
All Methods Instance Methods Abstract Methods Default Methods Modifier and Type Method Description IResourceIsolationPolicy.ResourceIsolationOutcome
isRequestAllowed(javax.servlet.http.HttpServletRequest request, IRequestablePage targetPage)
Is the given request allowed.default void
setHeaders(javax.servlet.http.HttpServletResponse response)
Set possible response headers.
-
-
-
Method Detail
-
isRequestAllowed
IResourceIsolationPolicy.ResourceIsolationOutcome isRequestAllowed(javax.servlet.http.HttpServletRequest request, IRequestablePage targetPage)
Is the given request allowed.- Parameters:
request
- requesttargetPage
- targeted page- Returns:
- outcome, must not be
null
-
setHeaders
default void setHeaders(javax.servlet.http.HttpServletResponse response)
Set possible response headers.- Parameters:
response
-
-
-