fuseguard.components.filters.ForeignPostFilter

fuseguard.components.filters
Component ForeignPostFilter

filters.BaseFilter
  |
  +--filters.ForeignPostFilter

Detects HTTP Post Requests with referrers other than the origin

Method Summary

public string getAllowedDomains()
          Returns the list of allowed domains set in setAllowedDomains

public string getAllowNullOrigin()
          Returns true if null Origin headers are allowed.

public array getConfigurables()
          Returns a list of configurable properties

public string getDescription()

public string getName()

public string getThreatCategory()
          Returns csrf

public numeric inspectRequest()

public void setAllowedDomains([string allowedDomains])
          Set a list of domains that are allowed to POST to this application, eg a.example.com,b.example.com. The current cgi.server_name is allowed by default

public void setAllowNullOrigin([boolean allowNullOrigin])
          Set if Origin: null is allowed.

Methods inherited from filters.BaseFilter

inspectsCookieScope, logEnabled, inspectsFormScope, inspectsRequestBody, setFilterWhitelist, setFilterInstanceName, getFilterLevel, getLogLevel, setScopes, getRequestLogMessage, allowURI, inspectsURI, ignoreURI, inspectsRequest, inspectsCGIScope, setIgnoreVariableList, getHelp, getRequestLogMessageDetail, setAllowDenyOrder, getIPWhiteListID, setRequestLogMessage, init, setFilterLevel, filterRequest, blockEnabled, getFilterID, inspectsUrlScope, inspectVariable, getFirewall, setAllowURIList, filterEnabled, filterVariables, logOnly, getFilterInstanceName, getFilterComponent, getIPWhiteListProvider, setIgnoreURIList, setFilterID, getBlockLevel, ignoreVariable, denyURI, inspectResponse, hasIPWhiteList, setLogLevel, inspectVariables, setBlockLevel, ignoresVariable

Method Detail

getAllowedDomains

public string getAllowedDomains()

Returns the list of allowed domains set in setAllowedDomains

getAllowNullOrigin

public string getAllowNullOrigin()

Returns true if null Origin headers are allowed.

getConfigurables

public array getConfigurables()

Returns a list of configurable properties

getDescription

public string getDescription()

getName

public string getName()

getThreatCategory

public string getThreatCategory()

Returns csrf

inspectRequest

public numeric inspectRequest()

setAllowedDomains

public void setAllowedDomains([string allowedDomains])

Set a list of domains that are allowed to POST to this application, eg a.example.com,b.example.com. The current cgi.server_name is allowed by default

Parameters:: [string allowedDomains] - A list of domains names

setAllowNullOrigin

public void setAllowNullOrigin([boolean allowNullOrigin])

Set if Origin: null is allowed.

Parameters:: [boolean allowNullOrigin] - Allow or disallow null Origin header

Method Summary
`public string`	`getAllowedDomains()` Returns the list of allowed domains set in setAllowedDomains
`public string`	`getAllowNullOrigin()` Returns true if null Origin headers are allowed.
`public array`	`getConfigurables()` Returns a list of configurable properties
`public string`	`getDescription()`
`public string`	`getName()`
`public string`	`getThreatCategory()` Returns csrf
`public numeric`	`inspectRequest()`
`public void`	`setAllowedDomains([string allowedDomains])` Set a list of domains that are allowed to POST to this application, eg a.example.com,b.example.com. The current cgi.server_name is allowed by default
`public void`	`setAllowNullOrigin([boolean allowNullOrigin])` Set if Origin: null is allowed.

fuseguard.components.filters Component ForeignPostFilter