public final class ContentSecurityPolicyServerHttpHeadersWriter extends java.lang.Object implements ServerHttpHeadersWriter
Contet-Security-Policy
response header with configured policy
directives.Modifier and Type | Field and Description |
---|---|
static java.lang.String |
CONTENT_SECURITY_POLICY |
static java.lang.String |
CONTENT_SECURITY_POLICY_REPORT_ONLY |
Constructor and Description |
---|
ContentSecurityPolicyServerHttpHeadersWriter() |
Modifier and Type | Method and Description |
---|---|
void |
setPolicyDirectives(java.lang.String policyDirectives)
Set the policy directive(s) to be used in the response header.
|
void |
setReportOnly(boolean reportOnly)
Set whether to include the
Content-Security-Policy-Report-Only header in
the response. |
reactor.core.publisher.Mono<java.lang.Void> |
writeHttpHeaders(org.springframework.web.server.ServerWebExchange exchange)
Write the headers to the response.
|
public static final java.lang.String CONTENT_SECURITY_POLICY
public static final java.lang.String CONTENT_SECURITY_POLICY_REPORT_ONLY
public ContentSecurityPolicyServerHttpHeadersWriter()
public reactor.core.publisher.Mono<java.lang.Void> writeHttpHeaders(org.springframework.web.server.ServerWebExchange exchange)
ServerHttpHeadersWriter
writeHttpHeaders
in interface ServerHttpHeadersWriter
Supplier
of the
ReactiveHttpOutputMessage.beforeCommit(Supplier)
.public void setPolicyDirectives(java.lang.String policyDirectives)
policyDirectives
- the policy directive(s)java.lang.IllegalArgumentException
- if policyDirectives is null
or emptypublic void setReportOnly(boolean reportOnly)
Content-Security-Policy-Report-Only
header in
the response. Otherwise, defaults to the Content-Security-Policy
header.reportOnly
- whether to only report policy violations