You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by ma...@apache.org on 2022/10/03 12:33:01 UTC

[tomcat] branch main updated: Document nonceRequestParameterName. Based on #553 by Mert Ülkgün.

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
     new 36d5187d6e Document nonceRequestParameterName. Based on #553 by Mert Ülkgün.
36d5187d6e is described below

commit 36d5187d6eba8c9b71cb61bc1692fa3748e0cbba
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Mon Oct 3 13:32:55 2022 +0100

    Document nonceRequestParameterName. Based on #553 by Mert Ülkgün.
---
 webapps/docs/changelog.xml     | 9 +++++++++
 webapps/docs/config/filter.xml | 6 ++++++
 2 files changed, 15 insertions(+)

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 90393db49f..87282b6fd6 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -146,6 +146,15 @@
       </add>
     </changelog>
   </subsection>
+  <subsection name="Web applications">
+    <changelog>
+      <fix>
+        Documentation. Document the <code>nonceRequestParameterName</code>
+        attribute for the <code>CsrfPreventionFilter</code>. Based on
+        <pr>553</pr> by Mert Ülkgün. (markt)
+      </fix>
+    </changelog>
+  </subsection>
   <subsection name="Other">
     <changelog>
       <update>
diff --git a/webapps/docs/config/filter.xml b/webapps/docs/config/filter.xml
index 90880bced0..8a92c772f6 100644
--- a/webapps/docs/config/filter.xml
+++ b/webapps/docs/config/filter.xml
@@ -307,6 +307,12 @@
         value of 5 will be used.</p>
       </attribute>
 
+      <attribute name="nonceRequestParameterName" required="false">
+        <p>The name of the request parameter used for the nonce. If not set, the
+        default value of <code>org.apache.catalina.filters.CSRF_NONCE</code>
+        will be used.</p>
+      </attribute>
+
       <attribute name="randomClass" required="false">
         <p>The name of the class to use to generate nonces. The class must be an
         instance of <code>java.util.Random</code>. If not set, the default value


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org