WebSocketAwareCsrfPreventionRequestCycleListener (Wicket Parent 9.18.0-SNAPSHOT API)

java.lang.Object
- org.apache.wicket.protocol.http.OriginResourceIsolationPolicy
- - org.apache.wicket.protocol.http.CsrfPreventionRequestCycleListener
  - - org.apache.wicket.protocol.ws.WebSocketAwareCsrfPreventionRequestCycleListener

All Implemented Interfaces:

IResourceIsolationPolicy, IRequestCycleListener
```
@Deprecated(since="9.3.0")
public class WebSocketAwareCsrfPreventionRequestCycleListener
extends CsrfPreventionRequestCycleListener
```
Deprecated.
Use WebSocketAwareResourceIsolationRequestCycleListener instead

A specialization of CsrfPreventionRequestCycleListener that should be used when the application uses Web Sockets.
The HTTP upgrade request brings Origin in its headers, but any Web socket frame doesn't bring it so WebSocketRequestHandler and WebSocketMessageBroadcastHandler should be ignored.

Nested Class Summary
- Nested classes/interfaces inherited from class org.apache.wicket.protocol.http.CsrfPreventionRequestCycleListener
  CsrfPreventionRequestCycleListener.CsrfAction
- Nested classes/interfaces inherited from interface org.apache.wicket.protocol.http.IResourceIsolationPolicy
  IResourceIsolationPolicy.ResourceIsolationOutcome

Constructor Summary

Constructors
Constructor Description

WebSocketAwareCsrfPreventionRequestCycleListener()
Deprecated.

Method Summary

All Methods Instance Methods Concrete Methods Deprecated Methods
Modifier and Type	Method	Description
`protected boolean`	`isChecked(IRequestHandler handler)`	Deprecated. Override to change the request handler types that are checked.

Methods inherited from class org.apache.wicket.protocol.http.CsrfPreventionRequestCycleListener
abortHandler, addAcceptedOrigin, allowHandler, checkRequest, getSourceUri, isChecked, isEnabled, matchingOrigin, onAborted, onAllowed, onBeginRequest, onMatchingOrigin, onRequestHandlerResolved, onSuppressed, onWhitelisted, setConflictingOriginAction, setErrorCode, setErrorMessage, setNoOriginAction, suppressHandler, unwrap, whitelistedHandler

Methods inherited from class org.apache.wicket.protocol.http.OriginResourceIsolationPolicy
getTargetUriFromRequest, isLocalOrigin, isRequestAllowed, isWhitelistedHost, normalizeUri

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.wicket.request.cycle.IRequestCycleListener
onDetach, onEndRequest, onException, onExceptionRequestHandlerResolved, onRequestHandlerExecuted, onRequestHandlerScheduled, onUrlMapped

Methods inherited from interface org.apache.wicket.protocol.http.IResourceIsolationPolicy
setHeaders

- Constructor Detail
  - WebSocketAwareCsrfPreventionRequestCycleListener
```
public WebSocketAwareCsrfPreventionRequestCycleListener()
```
    Deprecated.
- Method Detail
  - isChecked
```
protected boolean isChecked(IRequestHandler handler)
```
    Deprecated.
    
    Description copied from class: CsrfPreventionRequestCycleListener
    
    Override to change the request handler types that are checked. Currently only action handlers (form submits, link clicks, AJAX events) are checked for a matching Origin HTTP header.
    
    Overrides:
    
    isChecked in class CsrfPreventionRequestCycleListener
    
    Parameters:
    
    handler - the handler that is currently processing
    
    Returns:
    
    true when the Origin HTTP header should be checked for this handler