Interface CspSettings
- All Known Implementing Classes:
DefaultCspSettings
public interface CspSettings
CspSettings interface used by the
CspInterceptor
to add the CSP header to the response.
The default implementation can be found in DefaultCspSettings
.- See Also:
-
Field Summary
Fields -
Method Summary
Modifier and TypeMethodDescriptionvoid
addCspHeaders
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) void
addCspHeaders
(jakarta.servlet.http.HttpServletResponse response) Deprecated.void
setEnforcingMode
(boolean value) Sets CSP headers in enforcing mode when true, and report-only when falsevoid
setReportUri
(String uri) Sets the uri where csp violation reports will be sent
-
Field Details
-
NONCE_RANDOM_LENGTH
static final int NONCE_RANDOM_LENGTH- See Also:
-
CSP_ENFORCE_HEADER
- See Also:
-
CSP_REPORT_HEADER
- See Also:
-
OBJECT_SRC
- See Also:
-
SCRIPT_SRC
- See Also:
-
BASE_URI
- See Also:
-
REPORT_URI
- See Also:
-
NONE
- See Also:
-
STRICT_DYNAMIC
- See Also:
-
HTTP
- See Also:
-
HTTPS
- See Also:
-
CSP_REPORT_TYPE
- See Also:
-
-
Method Details
-
addCspHeaders
Deprecated. -
addCspHeaders
void addCspHeaders(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) -
setReportUri
Sets the uri where csp violation reports will be sent -
setEnforcingMode
void setEnforcingMode(boolean value) Sets CSP headers in enforcing mode when true, and report-only when false
-
addCspHeaders(HttpServletRequest, HttpServletResponse)
instead