public abstract class CsrfPreventingForm<T>
extends org.apache.wicket.markup.html.form.Form<T>
Form
that uses a hidden field to store a token that is checked upon form submission
to prevent CSRF attacks.ENCTYPE_MULTIPART_FORM_DATA, METHOD_GET, METHOD_POST
Constructor and Description |
---|
CsrfPreventingForm(java.lang.String id) |
CsrfPreventingForm(java.lang.String id,
org.apache.wicket.model.IModel<T> model) |
Modifier and Type | Method and Description |
---|---|
void |
onComponentTagBody(org.apache.wicket.markup.MarkupStream markupStream,
org.apache.wicket.markup.ComponentTag openTag) |
protected void |
onSubmit() |
protected abstract void |
onSubmitInternal() |
add, appendDefaultButtonField, beforeUpdateFormComponentModels, callOnError, clearInput, delegateSubmit, encodeUrlInHiddenFields, error, findForm, findSubmittingButton, getActionUrl, getDefaultButton, getFormValidators, getHiddenFieldId, getInputNamePrefix, getJsForInterfaceUrl, getMaxSize, getMethod, getModel, getModelObject, getRootForm, getRootFormRelativeId, getStatelessHint, getValidatorKeyPrefix, handleMultiPart, hasError, internalOnModelChanged, isMultiPart, isRootForm, isSubmitted, markFormComponentsInvalid, markFormComponentsValid, onBeforeRender, onComponentTag, onDetach, onError, onFileUploadException, onFormSubmitted, onFormSubmitted, onMethodMismatch, onValidate, onValidateModelObjects, process, registerJavaScriptNamespaces, remove, renderHead, renderPlaceholderTag, setDefaultButton, setMaxSize, setModel, setModelObject, setMultiPart, setVersioned, updateFormComponentModels, validate, validateComponents, validateFormValidator, validateFormValidators, visitFormComponents, visitFormComponentsPostOrder, wantSubmitOnNestedFormSubmit, writeParamsAsHiddenFields
getWebPage, getWebRequest, getWebResponse, getWebSession
add, addOrReplace, autoAdd, contains, get, get, getAssociatedMarkup, getAssociatedMarkupStream, getMarkup, getMarkupType, internalAdd, internalInitialize, iterator, iterator, onAfterRenderChildren, onRender, remove, remove, removeAll, renderAll, renderAssociatedMarkup, renderNext, replace, setDefaultModel, size, swap, toString, toString, visitChildren, visitChildren, visitChildren, visitChildren
add, addStateChange, afterRender, beforeRender, canCallListenerInterface, checkComponentTag, checkComponentTagAttribute, checkHierarchyChange, configure, continueToOriginalDestination, debug, detach, detachModel, detachModels, determineVisibility, error, exceptionMessage, fatal, findMarkupStream, findPage, findParent, findParentWithAssociatedMarkup, getAjaxRegionMarkupId, getApplication, getBehaviorById, getBehaviorId, getBehaviors, getBehaviors, getClassRelativePath, getConverter, getDefaultModel, getDefaultModelObject, getDefaultModelObjectAsString, getDefaultModelObjectAsString, getEscapeModelStrings, getFeedbackMessages, getFlag, getId, getInnermostModel, getInnermostModel, getLocale, getLocalizer, getMarkup, getMarkupAttributes, getMarkupId, getMarkupId, getMarkupIdFromMarkup, getMarkupIdImpl, getMarkupSourcingStrategy, getMetaData, getModelComparator, getOutputMarkupId, getOutputMarkupPlaceholderTag, getPage, getPageRelativePath, getParent, getPath, getRenderBodyOnly, getRequest, getRequestCycle, getRequestFlag, getResponse, getSession, getSizeInBytes, getString, getString, getString, getStyle, getVariation, hasBeenRendered, hasErrorMessage, hasFeedbackMessage, info, initModel, internalPrepareForRender, internalRenderComponent, isActionAuthorized, isAuto, isBehaviorAccepted, isEnableAllowed, isEnabled, isEnabledInHierarchy, isIgnoreAttributeModifier, isRenderAllowed, isStateless, isVersioned, isVisibilityAllowed, isVisible, isVisibleInHierarchy, markRendering, modelChanged, modelChanging, newMarkupSourcingStrategy, onAfterRender, onConfigure, onEvent, onInitialize, onModelChanged, onModelChanging, onRemove, prepareForRender, redirectToInterceptPage, remove, remove, render, renderComponentTag, rendered, renderHead, renderHead, replaceComponentTagBody, replaceWith, sameInnermostModel, sameInnermostModel, send, setAuto, setDefaultModelObject, setEnabled, setEscapeModelStrings, setFlag, setIgnoreAttributeModifier, setMarkup, setMarkupId, setMarkupIdImpl, setMetaData, setOutputMarkupId, setOutputMarkupPlaceholderTag, setParent, setRenderBodyOnly, setRequestFlag, setResponsePage, setResponsePage, setResponsePage, setVisibilityAllowed, setVisible, success, urlFor, urlFor, urlFor, urlFor, urlFor, visitParents, visitParents, warn, wrap
public CsrfPreventingForm(java.lang.String id)
public CsrfPreventingForm(java.lang.String id, org.apache.wicket.model.IModel<T> model)
public void onComponentTagBody(org.apache.wicket.markup.MarkupStream markupStream, org.apache.wicket.markup.ComponentTag openTag)
onComponentTagBody
in class org.apache.wicket.markup.html.form.Form<T>
protected final void onSubmit()
onSubmit
in class org.apache.wicket.markup.html.form.Form<T>
protected abstract void onSubmitInternal()