Mercurialnekurak.net / diff
summary | shortlog | changelog | graph | tags | branches | files | changeset | file | latest | revisions | annotate | diff | raw
java/nekurak.net-web/src/java/cz/frantovo/nekurak/posluchac/OchranaProtiCSRF.java
changeset 174 ca3c7dd220fe
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/java/nekurak.net-web/src/java/cz/frantovo/nekurak/posluchac/OchranaProtiCSRF.java	Sat Jan 15 18:14:15 2011 +0100
     1.3 @@ -0,0 +1,23 @@
     1.4 +package cz.frantovo.nekurak.posluchac;
     1.5 +
     1.6 +import javax.servlet.http.HttpSessionEvent;
     1.7 +import javax.servlet.http.HttpSessionListener;
     1.8 +
     1.9 +/**
    1.10 + *
    1.11 + * @author fiki
    1.12 + */
    1.13 +public class OchranaProtiCSRF implements HttpSessionListener {
    1.14 +
    1.15 +	public static final String NAZEV_ATRIBUTU = "CSRF_TOKEN";
    1.16 +
    1.17 +	@Override
    1.18 +	public void sessionCreated(HttpSessionEvent se) {
    1.19 +		String csrfToken = String.valueOf(Math.random());
    1.20 +		se.getSession().setAttribute(NAZEV_ATRIBUTU, csrfToken);
    1.21 +	}
    1.22 +
    1.23 +	@Override
    1.24 +	public void sessionDestroyed(HttpSessionEvent se) {
    1.25 +	}
    1.26 +}
nekurak.net