Package alpine.server.filters
Class ClickjackingFilter
java.lang.Object
alpine.server.filters.ClickjackingFilter
- All Implemented Interfaces:
javax.servlet.Filter
Implements HTTP Header Field X-Frame-Options (RFC 7034).
This filter is configured via the applications web.xml.
<init-param>
<param-name>mode</param-name>
<param-value>DENY</param-value>
</init-param>
An example implementation in web.xml:
<filter>
<filter-name>ClickjackingFilter</filter-name>
<filter-class>alpine.filters.ClickjackingFilter</filter-class>
<init-param>
<param-name>mode</param-name>
<param-value>DENY</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>ClickjackingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
Valid options are DENY, SAMEORIGIN, or ALLOW-FROM. Use of ALLOW-FROM requires an additional 'uri' parameter to be specified.
- Since:
- 1.0.0
- Author:
- Steve Springett
-
Constructor Summary
Constructors -
Method Summary
-
Constructor Details
-
ClickjackingFilter
public ClickjackingFilter()
-
-
Method Details
-
init
public void init(javax.servlet.FilterConfig filterConfig) - Specified by:
initin interfacejavax.servlet.Filter
-
doFilter
public void doFilter(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException - Specified by:
doFilterin interfacejavax.servlet.Filter- Throws:
IOExceptionjavax.servlet.ServletException
-
destroy
public void destroy()- Specified by:
destroyin interfacejavax.servlet.Filter
-