Mercurialnekurak.net / file revision
summary | shortlog | changelog | graph | tags | branches | files | changeset | file | latest | revisions | annotate | diff | raw
java/nekurak.net-web/src/java/cz/frantovo/nekurak/posluchac/OchranaProtiCSRF.java
author František Kučera <franta-hg@frantovo.cz>
Sat Jan 15 18:14:15 2011 +0100 (2011-01-15)
changeset 174 ca3c7dd220fe
permissions -rw-r--r--
CSRF/XSRF ochrana při hlasování. 
     1 package cz.frantovo.nekurak.posluchac;

     2 

     3 import javax.servlet.http.HttpSessionEvent;

     4 import javax.servlet.http.HttpSessionListener;

     5 

     6 /**

     7  *

     8  * @author fiki

     9  */

    10 public class OchranaProtiCSRF implements HttpSessionListener {

    11 

    12 	public static final String NAZEV_ATRIBUTU = "CSRF_TOKEN";

    13 

    14 	@Override

    15 	public void sessionCreated(HttpSessionEvent se) {

    16 		String csrfToken = String.valueOf(Math.random());

    17 		se.getSession().setAttribute(NAZEV_ATRIBUTU, csrfToken);

    18 	}

    19 

    20 	@Override

    21 	public void sessionDestroyed(HttpSessionEvent se) {

    22 	}

    23 }
nekurak.net