16 Nisan 2018 Pazartesi

Tomcat Filtre Sınıfları

CorsFilter Sınıfı
Şöyle yaparız.
<filter>
  <filter-name>CorsFilter</filter-name>
  <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
    <init-param>
      <param-name>cors.allowed.headers</param-name>
      <param-value>Content-Type,X-Requested-With,accept,Origin,
        Access-Control-Request-Method,Access-Control-Request-Headers,Authorization
      </param-value>
    </init-param>   
 </filter>
<filter-mapping>
  <filter-name>CorsFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>
ExpiresFilter Sınıfı
Sunucunun verdiği cevaplara otomatik olarak Expires ve Cache-Control satırları eklemek için kullanılır.

Örnek
Şöyle yaparız.
<filter>
 <filter-name>ExpiresFilter</filter-name>
 <filter-class>org.apache.catalina.filters.ExpiresFilter</filter-class>
 <init-param>
    <param-name>ExpiresByType image</param-name>
    <param-value>access plus 10 minutes</param-value>
 </init-param>
 <init-param>
    <param-name>ExpiresByType text/css</param-name>
    <param-value>access plus 10 minutes</param-value>
 </init-param>
 <init-param>
    <param-name>ExpiresByType application/x-javascript</param-name>
    <param-value>access plus 10 minutes</param-value>
 </init-param>
</filter>
...
<filter-mapping>
 <filter-name>ExpiresFilter</filter-name>
 <url-pattern>/*</url-pattern>
 <dispatcher>REQUEST</dispatcher>
</filter-mapping>
RestCsrfPreventionFilter Sınıfı
Açıklaması şöyle. CSRF saldırısına karşı kullanılır.
Any endpoints that modify my application's state (ie, POST, PUT, etc) get rejected due to not having a CSRF nonce in the request.
Örnek
Şöyle yaparız.
<filter>
  <filter-name>CsrfFilter</filter-name>
  <filter-class>org.apache.catalina.filters.RestCsrfPreventionFilter</filter-class>
</filter>
<filter-mapping>
  <filter-name>CsrfFilter</filter-name>
  <url-pattern>/run</url-pattern>
</filter-mapping>

Hiç yorum yok:

Yorum Gönder