CsrfCheck (javadoc 2024.12-174331 API)

All Superinterfaces:

Loggable, ServerExtension, TeamCityExtension
```
public interface CsrfCheck
extends ServerExtension, Loggable
```
Allows to add an extra check at the point when CSRF verification is made. Allows to pass some specific HTTP requests even if a usual CSRF check would not allow it.

Since:

2018.1 (19/04/2017)

Author:

kir

Nested Class Summary

Nested Classes
Modifier and Type Interface Description

static class CsrfCheck.CheckResult

static interface CsrfCheck.Handler

Field Summary

Fields
Modifier and Type Field Description

static Set<String> ACTION_METHODS

static CsrfCheck.CheckResult UNKNOWN

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method	Description
`CsrfCheck.CheckResult`	`isSafe(javax.servlet.http.HttpServletRequest request)`	Check the request for access safety.

Methods inherited from interface jetbrains.buildServer.log.Loggable
describe

- Field Detail
  - ACTION_METHODS
```
static final Set<String> ACTION_METHODS
```
  - UNKNOWN
```
static final CsrfCheck.CheckResult UNKNOWN
```
- Method Detail
  - isSafe
```
CsrfCheck.CheckResult isSafe(@NotNull
                             javax.servlet.http.HttpServletRequest request)
```
    Check the request for access safety. By default, the request is considered unsafe. Return
    
    CsrfCheck.CheckResult.safe() when the request is possibly safe (and other checks should be made, for a possible CsrfCheck.CheckResult.unsafe(String) return value);
    
    CsrfCheck.CheckResult.unsafe(String) when the request is definitely unsafe, no further checks is made
    
    UNKNOWN when the check can say nothing about such a request