AbstractHttpSessionSecurityCookieFilter (GWT-Platform 1.3.1 API)

java.lang.Object
- com.gwtplatform.dispatch.server.AbstractHttpSessionSecurityCookieFilter

All Implemented Interfaces:

javax.servlet.Filter

Direct Known Subclasses:

HttpSessionSecurityCookieFilter, HttpSessionSecurityCookieFilter

Deprecated.
Please use AbstractRandomSecurityCookieFilter. Using the JSESSIONID like this might let an XSS attacker hijack a session. See GitHub issue #484
```
@Deprecated
public abstract class AbstractHttpSessionSecurityCookieFilter
extends Object
implements javax.servlet.Filter
```
This filter will automatically inject a security cookie inside the request the first time the page is loaded. This security cookie is based on the HttpSession and will only work if the session is enabled. To setup this filter, add the following line at before any other serve call in your own ServletModule.configureServlets():
```
 filter("*.jsp").through(HttpSessionSecurityCookieFilter.class);
 
```
You also have to use a .jsp file instead of a .html as your main GWT file.

Constructor Summary

Constructors
Modifier Constructor and Description

protected AbstractHttpSessionSecurityCookieFilter(String securityCookieName)
Deprecated.

Constructors
Modifier	Constructor and Description
`protected`	`AbstractHttpSessionSecurityCookieFilter(String securityCookieName)` Deprecated.

Method Summary

Methods
Modifier and Type	Method and Description
`void`	`destroy()` Deprecated.
`void`	`doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)` Deprecated.
`protected abstract javax.servlet.http.HttpSession`	`getSession()` Deprecated.
`void`	`init(javax.servlet.FilterConfig filterConfig)` Deprecated.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AbstractHttpSessionSecurityCookieFilter

protected AbstractHttpSessionSecurityCookieFilter(String securityCookieName)

Deprecated.

Method Detail

destroy
```
public void destroy()
```
Deprecated.

Specified by:

destroy in interface javax.servlet.Filter

getSession

protected abstract javax.servlet.http.HttpSession getSession()

Deprecated.

doFilter

public void doFilter(javax.servlet.ServletRequest request,
            javax.servlet.ServletResponse response,
            javax.servlet.FilterChain chain)
              throws IOException,
                     javax.servlet.ServletException

Deprecated.

Specified by:: doFilter in interface javax.servlet.Filter
Throws:: IOException; javax.servlet.ServletException

init

public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException

Deprecated.

Specified by:: init in interface javax.servlet.Filter
Throws:: javax.servlet.ServletException

Class AbstractHttpSessionSecurityCookieFilter

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

AbstractHttpSessionSecurityCookieFilter

Method Detail

destroy

getSession

doFilter

init