@Override public State preExecuteAction(ActionContext context, Validation validation) throws Throwable { if(!isEnabled(context)) { return State.CONTINUE; } Request request = context.getRequest(); //Ignore GET request if(request.isMethod(HTTP.Method.GET)) { return State.CONTINUE; } //Check ignored if(CSRF.isIgnored(request.getServletRequest())) { return State.CONTINUE; } CsrfToken token = CSRF.getGeneratedToken(request); checkCsrfToken(request, token); return State.CONTINUE; }