com.yqjr.framework.component.csrf.CsrfRequestDataValueProcessor Maven / Gradle / Ivy
package com.yqjr.framework.component.csrf;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.support.RequestDataValueProcessor;
/**
* ClassName: CsrfRequestDataValueProcessor
* Description: form:form实现类:自动创建hidden的csrfToken域
* Create By: Wanglei
* Create Date: 2017年6月14日 下午4:35:13
* Modified By:
* Modified Date:
* Modified Content:
* Version: 1.0
*
*/
@Component("requestDataValueProcessor")
public class CsrfRequestDataValueProcessor implements RequestDataValueProcessor{
@Override
public String processAction(HttpServletRequest request, String action, String httpMethod) {
return action;
}
@Override
public String processFormFieldValue(HttpServletRequest request, String name, String value, String type) {
return value;
}
/**
*
* Description: 此处是当使用spring的taglib标签form:form创建表单时候,增加的隐藏域参数
* Create By: Wanglei
* Create Date: 2017年6月15日 上午8:20:03
*
* @param request HttpServletRequest
* @return Map
*/
@Override
public Map getExtraHiddenFields(HttpServletRequest request) {
String token = CsrfTokenManager.createTokenForSession(request.getSession());
Map hiddenFields = new HashMap();
hiddenFields.put(CsrfTokenManager.CSRF_PARAM_NAME, token);
return hiddenFields;
}
/**
* @param request HttpServletRequest
* @param url String
* @return String
*/
@Override
public String processUrl(HttpServletRequest request, String url) {
return url;
}
}