CookieServerCsrfTokenRepository (spring-security-web 5.2.9.RELEASE API)

java.lang.Object
- org.springframework.security.web.server.csrf.CookieServerCsrfTokenRepository

All Implemented Interfaces:

ServerCsrfTokenRepository
```
public final class CookieServerCsrfTokenRepository
extends java.lang.Object
implements ServerCsrfTokenRepository
```
A ServerCsrfTokenRepository that persists the CSRF token in a cookie named "XSRF-TOKEN" and reads from the header "X-XSRF-TOKEN" following the conventions of AngularJS. When using with AngularJS be sure to use withHttpOnlyFalse() .

Since:

5.1

Constructor Summary

Constructors
Constructor and Description

CookieServerCsrfTokenRepository()

Constructors
Constructor and Description
`CookieServerCsrfTokenRepository()`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`reactor.core.publisher.Mono<CsrfToken>`	`generateToken(org.springframework.web.server.ServerWebExchange exchange)` Generates a `CsrfToken`
`reactor.core.publisher.Mono<CsrfToken>`	`loadToken(org.springframework.web.server.ServerWebExchange exchange)` Loads the expected `CsrfToken` from the `ServerWebExchange`
`reactor.core.publisher.Mono<java.lang.Void>`	`saveToken(org.springframework.web.server.ServerWebExchange exchange, CsrfToken token)` Saves the `CsrfToken` using the `ServerWebExchange`.
`void`	`setCookieDomain(java.lang.String cookieDomain)` Sets the cookie domain
`void`	`setCookieHttpOnly(boolean cookieHttpOnly)` Sets the HttpOnly attribute on the cookie containing the CSRF token
`void`	`setCookieName(java.lang.String cookieName)` Sets the cookie name
`void`	`setCookiePath(java.lang.String cookiePath)` Sets the cookie path
`void`	`setHeaderName(java.lang.String headerName)` Sets the header name
`void`	`setParameterName(java.lang.String parameterName)` Sets the parameter name
`static CookieServerCsrfTokenRepository`	`withHttpOnlyFalse()` Factory method to conveniently create an instance that has `setCookieHttpOnly(boolean)` set to false.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - CookieServerCsrfTokenRepository
```
public CookieServerCsrfTokenRepository()
```
- Method Detail
  - withHttpOnlyFalse
```
public static CookieServerCsrfTokenRepository withHttpOnlyFalse()
```
    Factory method to conveniently create an instance that has setCookieHttpOnly(boolean) set to false.
    
    Returns:
    
    an instance of CookieCsrfTokenRepository with setCookieHttpOnly(boolean) set to false
  - generateToken
```
public reactor.core.publisher.Mono<CsrfToken> generateToken(org.springframework.web.server.ServerWebExchange exchange)
```
    Description copied from interface: ServerCsrfTokenRepository
    
    Generates a CsrfToken
    
    Specified by:
    
    generateToken in interface ServerCsrfTokenRepository
    
    Parameters:
    
    exchange - the ServerWebExchange to use
    
    Returns:
    
    the CsrfToken that was generated. Cannot be null.
  - saveToken
```
public reactor.core.publisher.Mono<java.lang.Void> saveToken(org.springframework.web.server.ServerWebExchange exchange,
                                                             CsrfToken token)
```
    Description copied from interface: ServerCsrfTokenRepository
    
    Saves the CsrfToken using the ServerWebExchange. If the CsrfToken is null, it is the same as deleting it.
    
    Specified by:
    
    saveToken in interface ServerCsrfTokenRepository
    
    Parameters:
    
    exchange - the ServerWebExchange to use
    
    token - the CsrfToken to save or null to delete
  - loadToken
```
public reactor.core.publisher.Mono<CsrfToken> loadToken(org.springframework.web.server.ServerWebExchange exchange)
```
    Description copied from interface: ServerCsrfTokenRepository
    
    Loads the expected CsrfToken from the ServerWebExchange
    
    Specified by:
    
    loadToken in interface ServerCsrfTokenRepository
    
    Parameters:
    
    exchange - the ServerWebExchange to use
    
    Returns:
    
    the CsrfToken or null if none exists
  - setCookieHttpOnly
```
public void setCookieHttpOnly(boolean cookieHttpOnly)
```
    Sets the HttpOnly attribute on the cookie containing the CSRF token
    
    Parameters:
    
    cookieHttpOnly - True to mark the cookie as http only. False otherwise.
  - setCookieName
```
public void setCookieName(java.lang.String cookieName)
```
    Sets the cookie name
    
    Parameters:
    
    cookieName - The cookie name
  - setParameterName
```
public void setParameterName(java.lang.String parameterName)
```
    Sets the parameter name
    
    Parameters:
    
    parameterName - The parameter name
  - setHeaderName
```
public void setHeaderName(java.lang.String headerName)
```
    Sets the header name
    
    Parameters:
    
    headerName - The header name
  - setCookiePath
```
public void setCookiePath(java.lang.String cookiePath)
```
    Sets the cookie path
    
    Parameters:
    
    cookiePath - The cookie path
  - setCookieDomain
```
public void setCookieDomain(java.lang.String cookieDomain)
```
    Sets the cookie domain
    
    Parameters:
    
    cookieDomain - The cookie domain

Class CookieServerCsrfTokenRepository

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

CookieServerCsrfTokenRepository

Method Detail

withHttpOnlyFalse

generateToken

saveToken

loadToken

setCookieHttpOnly

setCookieName

setParameterName

setHeaderName

setCookiePath

setCookieDomain