FuseGuard Logo

fuseguard.components.filters
Component ForeignPostFilter

filters.BaseFilter
  |
  +--filters.ForeignPostFilter

Detects HTTP Post Requests with referrers other than the origin

Method Summary
public string getAllowedDomains()
          Returns the list of allowed domains set in setAllowedDomains
public array getConfigurables()
          Returns a list of configurable properties
public string getDescription()
public string getName()
public string getThreatCategory()
          Returns csrf
public numeric inspectRequest()
public void setAllowedDomains([string allowedDomains])
          Set a list of domains that are allowed to POST to this application, eg a.example.com,b.example.com. The current cgi.server_name is allowed by default

Methods inherited from filters.BaseFilter
setAllowURIList, blockEnabled, ignoresVariable, setIgnoreURIList, setScopes, inspectsRequestBody, inspectsCGIScope, inspectsUrlScope, setFilterLevel, setAllowDenyOrder, filterVariables, denyURI, getFilterID, inspectsRequest, setFilterWhitelist, ignoreVariable, ignoreURI, getHelp, init, inspectVariables, getFilterComponent, getRequestLogMessageDetail, inspectsCookieScope, allowURI, setLogLevel, getBlockLevel, inspectsURI, logEnabled, hasIPWhiteList, getFilterInstanceName, filterEnabled, filterRequest, getIPWhiteListProvider, setFilterID, getFilterLevel, inspectResponse, logOnly, setIgnoreVariableList, setRequestLogMessage, setBlockLevel, setFilterInstanceName, inspectVariable, inspectsFormScope, getLogLevel, getRequestLogMessage, getFirewall
 

Method Detail

getAllowedDomains

public string getAllowedDomains()
Returns the list of allowed domains set in setAllowedDomains


getConfigurables

public array getConfigurables()
Returns a list of configurable properties


getDescription

public string getDescription()

getName

public string getName()

getThreatCategory

public string getThreatCategory()
Returns csrf


inspectRequest

public numeric inspectRequest()

setAllowedDomains

public void setAllowedDomains([string allowedDomains])
Set a list of domains that are allowed to POST to this application, eg a.example.com,b.example.com. The current cgi.server_name is allowed by default

Parameters:
[string allowedDomains] - A list of domains names