java/nekurak.net-web/src/java/cz/frantovo/nekurak/posluchac/OchranaProtiCSRF.java
CSRF/XSRF ochrana při hlasování.
1 package cz.frantovo.nekurak.posluchac;
3 import javax.servlet.http.HttpSessionEvent;
4 import javax.servlet.http.HttpSessionListener;
10 public class OchranaProtiCSRF implements HttpSessionListener {
12 public static final String NAZEV_ATRIBUTU = "CSRF_TOKEN";
15 public void sessionCreated(HttpSessionEvent se) {
16 String csrfToken = String.valueOf(Math.random());
17 se.getSession().setAttribute(NAZEV_ATRIBUTU, csrfToken);
21 public void sessionDestroyed(HttpSessionEvent se) {
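Review bot: The CSRF token set in `sessionCreated` (new line 16) is derived from `Math.random()`, which is backed by `java.util.Random` and is not designed to be unpredictable, so the token lacks the unguessability a CSRF defence depends on. Generate it from `java.security.SecureRandom` instead, for example `String csrfToken = new java.math.BigInteger(128, RANDOM).toString(16);` with a shared `private static final SecureRandom RANDOM = new SecureRandom();` field. The code that compares the submitted token against the `NAZEV_ATRIBUTU` session attribute is not part of this section; it should reject a missing or empty token and compare in constant time (e.g. `MessageDigest.isEqual` on the bytes). The bodies of both listener methods close on lines not shown in this listing.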