package csrf

  1. Public
  2. All

Type Members

  1. class CSRFAction extends EssentialAction

    An action that provides CSRF protection.

  2. trait CSRFComponents extends AnyRef

    The CSRF components.

  3. case class CSRFConfig(tokenName: String = "csrfToken", cookieName: Option[String] = None, secureCookie: Boolean = false, httpOnlyCookie: Boolean = false, createIfNotFound: (RequestHeader) ⇒ Boolean = CSRFConfig.defaultCreateIfNotFound, postBodyBuffer: Long = 102400, signTokens: Boolean = true, checkMethod: (String) ⇒ Boolean = CSRFConfig.UnsafeMethods, checkContentType: (Option[String]) ⇒ Boolean = ..., headerName: String = "Csrf-Token", headerBypass: Boolean = true) extends Product with Serializable

    CSRF configuration.

    CSRF configuration.


    The name of the token.


    If defined, the name of the cookie to read the token from/write the token to.


    If using a cookie, whether it should be secure.


    If using a cookie, whether it should have the HTTP only flag.


    How much of the POST body should be buffered if checking the body for a token.


    Whether tokens should be signed.


    Returns true if a request for that method should be checked.


    Returns true if a request for that content type should be checked.


    The name of the HTTP header to check for tokens from.


    Whether CSRF check can be bypassed by the presence of certain headers, such as X-Requested-By.

  4. class CSRFConfigProvider extends Provider[CSRFConfig]

  5. class CSRFFilter extends EssentialFilter

    A filter that provides CSRF protection.

    A filter that provides CSRF protection.

    These must be by name parameters because the typical use case for instantiating the filter is in Global, which happens before the application is started. Since the default values for the parameters are loaded from config and hence depend on a started application, they must be by name.

  6. class CSRFModule extends Module

    The CSRF module.

Value Members

  1. object CSRF

  2. object CSRFAction

  3. object CSRFAddToken

    CSRF add token action.

    CSRF add token action.

    Apply this to all actions that render a form that contains a CSRF token.

  4. object CSRFCheck

    CSRF check action.

    CSRF check action.

    Apply this to all actions that require a CSRF check.

  5. object CSRFConfig extends Serializable

  6. object CSRFFilter