Package org.owasp.esapi.filters
Class ClickjackFilter
- java.lang.Object
-
- org.owasp.esapi.filters.ClickjackFilter
-
- All Implemented Interfaces:
javax.servlet.Filter
public class ClickjackFilter extends java.lang.Object implements javax.servlet.Filter
TheClickjackFilter
is discussed at
-
-
Constructor Summary
Constructors Constructor Description ClickjackFilter()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
destroy()
void
doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)
Add X-FRAME-OPTIONS response header to tell IE8 (and any other browsers who decide to implement) not to display this content in a frame.void
init(javax.servlet.FilterConfig filterConfig)
Initialize "mode" parameter from web.xml.
-
-
-
Method Detail
-
init
public void init(javax.servlet.FilterConfig filterConfig)
Initialize "mode" parameter from web.xml. Valid values are "DENY" and "SAMEORIGIN". If you leave this parameter out, the default is to use the DENY mode.- Specified by:
init
in interfacejavax.servlet.Filter
- Parameters:
filterConfig
- A filter configuration object used by a servlet container to pass information to a filter during initialization.
-
doFilter
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws java.io.IOException, javax.servlet.ServletException
Add X-FRAME-OPTIONS response header to tell IE8 (and any other browsers who decide to implement) not to display this content in a frame. For details, please refer to- Specified by:
doFilter
in interfacejavax.servlet.Filter
- Throws:
java.io.IOException
javax.servlet.ServletException
-
destroy
public void destroy()
- Specified by:
destroy
in interfacejavax.servlet.Filter
-
-