Package org.apache.struts2.interceptor
Class FetchMetadataInterceptor
java.lang.Object
org.apache.struts2.interceptor.AbstractInterceptor
org.apache.struts2.interceptor.FetchMetadataInterceptor
- All Implemented Interfaces:
- Serializable,- ConditionalInterceptor,- Interceptor
Interceptor that implements Fetch Metadata policy on incoming requests used to protect against
 CSRF, XSSI, and cross-origin information leaks. Uses 
StrutsResourceIsolationPolicy to
 filter the requests allowed to be processed.- 
Constructor SummaryConstructors
- 
Method SummaryModifier and TypeMethodDescriptionintercept(ActionInvocation invocation) Override to handle interceptionvoidsetExemptedPaths(String paths) Methods inherited from class org.apache.struts2.interceptor.AbstractInterceptordestroy, init, setDisabled, shouldIntercept
- 
Constructor Details- 
FetchMetadataInterceptorpublic FetchMetadataInterceptor()
 
- 
- 
Method Details- 
setExemptedPaths
- 
interceptDescription copied from class:AbstractInterceptorOverride to handle interception- Specified by:
- interceptin interface- Interceptor
- Specified by:
- interceptin class- AbstractInterceptor
- Parameters:
- invocation- the action invocation
- Returns:
- the return code, either returned from ActionInvocation.invoke(), or from the interceptor itself.
- Throws:
- Exception- any system-level error, as defined in- Action.execute().
 
 
-