Closed nabeygun closed 4 months ago
Our application uses an existing annotation, eg @OpenPage, on some Tapestry pages where a user does NOT need to be authenticated to view the page. However, there are over 250 such open page annotated pages (this is still a minority of pages compared to the number of authenticated pages). Without trying to add the annotation @NotCsrfProtected to all these open pages (and as some programmers may forget to do so), is it possible to pass our own annotation to the code used at https://github.com/porscheinformatik/tapestry-csrf-protection/blob/master/src/main/java/at/porscheinformatik/tapestry/csrfprotection/internal/ProtectedPagesService.java#L43 ? Thanks
@OpenPage
@NotCsrfProtected
PS: Java annotations cannot be extended so I cannot simply extend our annotation to use @NotCsrfProtected too
This is no longer needed and closing it out. Thanks
Our application uses an existing annotation, eg
@OpenPage
, on some Tapestry pages where a user does NOT need to be authenticated to view the page. However, there are over 250 such open page annotated pages (this is still a minority of pages compared to the number of authenticated pages). Without trying to add the annotation@NotCsrfProtected
to all these open pages (and as some programmers may forget to do so), is it possible to pass our own annotation to the code used at https://github.com/porscheinformatik/tapestry-csrf-protection/blob/master/src/main/java/at/porscheinformatik/tapestry/csrfprotection/internal/ProtectedPagesService.java#L43 ? ThanksPS: Java annotations cannot be extended so I cannot simply extend our annotation to use
@NotCsrfProtected
too