RegExpAllowFromStrategy (Spring Security 3.2.10.RELEASE API)

java.lang.Object
- org.springframework.security.web.header.writers.frameoptions.RegExpAllowFromStrategy

All Implemented Interfaces:

AllowFromStrategy
```
public final class RegExpAllowFromStrategy
extends Object
```
Implementation which uses a regular expression to validate the supplied origin. If the value of the HTTP parameter matches the pattern, then the the result will be ALLOW-FROM .

Since:

3.2

Field Summary

Fields
Modifier and Type Field and Description

protected org.apache.commons.logging.Log log
Logger for use by subclasses

Fields
Modifier and Type	Field and Description
`protected org.apache.commons.logging.Log`	`log` Logger for use by subclasses

Constructor Summary

Constructors
Constructor and Description

RegExpAllowFromStrategy(String pattern)
Creates a new instance

Constructors
Constructor and Description
`RegExpAllowFromStrategy(String pattern)` Creates a new instance

Method Summary

Methods
Modifier and Type	Method and Description
`protected boolean`	`allowed(String allowFromOrigin)` Method to be implemented by base classes, used to determine if the supplied origin is allowed.
`String`	`getAllowFromValue(javax.servlet.http.HttpServletRequest request)` Gets the value for ALLOW-FROM excluding the ALLOW-FROM.
`void`	`setAllowFromParameterName(String allowFromParameterName)` Sets the HTTP parameter used to retrieve the value for the origin that is allowed from.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - log
```
protected final org.apache.commons.logging.Log log
```
    Logger for use by subclasses
- Constructor Detail
  - RegExpAllowFromStrategy
```
public RegExpAllowFromStrategy(String pattern)
```
    Creates a new instance
    
    Parameters:
    pattern - the Pattern to compare against the HTTP parameter value. If the pattern matches, the domain will be allowed, else denied.
- Method Detail
  - allowed
```
protected boolean allowed(String allowFromOrigin)
```
    Method to be implemented by base classes, used to determine if the supplied origin is allowed.
    
    Parameters:
    allowFromOrigin - the supplied origin
    
    Returns:
    true if the supplied origin is allowed.
  - getAllowFromValue
```
public String getAllowFromValue(javax.servlet.http.HttpServletRequest request)
```
    Description copied from interface: AllowFromStrategy
    
    Gets the value for ALLOW-FROM excluding the ALLOW-FROM. For example, the result might be "https://example.com/".
    
    Specified by:
    
    getAllowFromValue in interface AllowFromStrategy
    
    Parameters:
    request - the HttpServletRequest
    
    Returns:
    the value for ALLOW-FROM or null if no header should be added for this request.
  - setAllowFromParameterName
```
public void setAllowFromParameterName(String allowFromParameterName)
```
    Sets the HTTP parameter used to retrieve the value for the origin that is allowed from. The value of the parameter should be a valid URL. The default parameter name is "x-frames-allow-from".
    
    Parameters:
    allowFromParameterName - the name of the HTTP parameter to

Class RegExpAllowFromStrategy

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

log

Constructor Detail

RegExpAllowFromStrategy

Method Detail

allowed

getAllowFromValue

setAllowFromParameterName