I’m using Play 2.8.x in Scala.
I’m looking for a way to allow an exception to a globally applied CSRF filter to all routes handled by a custom Router. Example routes file:
# the standard exception tag for singular routes does not work when applied to a router
+nocsrf
-> /custom-router-path routers.CustomRouterImpl
I’ve reviewed the APIs around Router, Routes, etc, but have not found anywhere this might be possible. As far as I can tell, the CSRF filter has already been applied by the time the RequestHeader is passed to the Router.routes
partial function.
Is anyone able to help me understand if/where this might be possible?
Thanks,
Dave