Public Member Functions

def check_xsrf_cookie
def initialize
def prepare

Generates an error response with ``status_code`` for all requests.

def tornado.web.ErrorHandler.check_xsrf_cookie(self)

Verifies that the ``_xsrf`` cookie matches the ``_xsrf`` argument.

To prevent cross-site request forgery, we set an ``_xsrf`` cookie and include the same value as a non-cookie field with all ``POST`` requests. If the two do not match, we reject the form submission as a potential forgery.

The ``_xsrf`` value may be set as either a form field named ``_xsrf`` or in a custom HTTP header named ``X-XSRFToken`` or ``X-CSRFToken`` (the latter is accepted for compatibility with Django).

See http://en.wikipedia.org/wiki/Cross-site_request_forgery

Prior to release 1.1.1, this check was ignored if the HTTP header ``X-Requested-With: XMLHTTPRequest`` was present. This exception has been shown to be insecure and has been removed. For more information please see

http://www.djangoproject.com/weblog/2011/feb/08/security/
http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails

.. versionchanged:: 3.2.2
   Added support for cookie version 2. Both versions 1 and 2 are supported.

Reimplemented from tornado.web.RequestHandler.
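
The double-submit check described above, as an added example that is not Tornado's code: a stdlib-only sketch in which ``submitted_token``, ``check_double_submit`` and the sample requests are hypothetical names and constructed values. It compares raw strings and does not model the version 1/2 cookie encodings.

```python
import hmac

# Header names the docstring accepts in place of the ``_xsrf`` form field.
# HTTP header names are case-insensitive, so they are matched in lower case.
XSRF_HEADERS = ("x-xsrftoken", "x-csrftoken")


def submitted_token(form, headers):
    """Return the non-cookie ``_xsrf`` value: form field first, then headers."""
    if form.get("_xsrf"):
        return form["_xsrf"]
    lowered = {name.lower(): value for name, value in headers.items()}
    for name in XSRF_HEADERS:
        if lowered.get(name):
            return lowered[name]
    return None


def check_double_submit(cookies, form, headers):
    """Return (accepted, reason); hypothetical helper, raw string comparison."""
    token = submitted_token(form, headers)
    cookie = cookies.get("_xsrf")
    # No exemption for "X-Requested-With": that header alone proves nothing,
    # which is why the pre-1.1.1 exception was removed.
    if not token:
        return False, "'_xsrf' argument missing"
    if not cookie:
        return False, "'_xsrf' cookie missing"
    # Constant-time comparison avoids leaking how many characters matched.
    if not hmac.compare_digest(cookie.encode(), token.encode()):
        return False, "'_xsrf' cookie does not match argument"
    return True, "ok"


# Constructed sample requests (token values are made up for this example).
TOKEN = "constructed-token-0123456789abcdef"
SAMPLES = {
    "form field": ({"_xsrf": TOKEN}, {"_xsrf": TOKEN}, {}),
    "X-XSRFToken header": ({"_xsrf": TOKEN}, {}, {"X-XSRFToken": TOKEN}),
    "Django-style header": ({"_xsrf": TOKEN}, {}, {"X-CSRFToken": TOKEN}),
    "ajax header only": ({"_xsrf": TOKEN}, {}, {"X-Requested-With": "XMLHttpRequest"}),
    "mismatched value": ({"_xsrf": TOKEN}, {"_xsrf": "some-other-value"}, {}),
    "no cookie": ({}, {"_xsrf": TOKEN}, {}),
}


def run_samples():
    """Map each sample name to its (accepted, reason) verdict."""
    return {name: check_double_submit(*args) for name, args in SAMPLES.items()}
```
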

def tornado.web.ErrorHandler.initialize(self, status_code)

def tornado.web.ErrorHandler.prepare(self)

Called at the beginning of a request before `get`/`post`/etc.

Override this method to perform common initialization regardless of the request method.

Asynchronous support: Decorate this method with `.gen.coroutine` or `.return_future` to make it asynchronous (the `asynchronous` decorator cannot be used on `prepare`). If this method returns a `.Future` execution will not proceed until the `.Future` is done.

.. versionadded:: 3.1
   Asynchronous support.

Reimplemented from tornado.web.RequestHandler.