Package org.apache.struts2.interceptor
Class FetchMetadataInterceptor
java.lang.Object
org.apache.struts2.interceptor.AbstractInterceptor
org.apache.struts2.interceptor.FetchMetadataInterceptor
- All Implemented Interfaces:
Serializable
,ConditionalInterceptor
,Interceptor
Interceptor that implements Fetch Metadata policy on incoming requests used to protect against
CSRF, XSSI, and cross-origin information leaks. Uses
StrutsResourceIsolationPolicy
to
filter the requests allowed to be processed.-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionintercept
(ActionInvocation invocation) Override to handle interceptionvoid
setExemptedPaths
(String paths) Methods inherited from class org.apache.struts2.interceptor.AbstractInterceptor
destroy, init, setDisabled, shouldIntercept
-
Constructor Details
-
FetchMetadataInterceptor
public FetchMetadataInterceptor()
-
-
Method Details
-
setExemptedPaths
-
intercept
Description copied from class:AbstractInterceptor
Override to handle interception- Specified by:
intercept
in interfaceInterceptor
- Specified by:
intercept
in classAbstractInterceptor
- Parameters:
invocation
- the action invocation- Returns:
- the return code, either returned from
ActionInvocation.invoke()
, or from the interceptor itself. - Throws:
Exception
- any system-level error, as defined inAction.execute()
.
-