Class ServerHttpSecurity.HeaderSpec.HstsSpec
- java.lang.Object
-
- org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.HstsSpec
-
- Enclosing class:
- ServerHttpSecurity.HeaderSpec
public class ServerHttpSecurity.HeaderSpec.HstsSpec extends java.lang.Object
Configures Strict Transport Security response header- See Also:
ServerHttpSecurity.HeaderSpec.hsts()
-
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description ServerHttpSecurity.HeaderSpec
and()
Allows method chaining to continue configuring theServerHttpSecurity
ServerHttpSecurity.HeaderSpec
disable()
Disables strict transport security response headerServerHttpSecurity.HeaderSpec.HstsSpec
includeSubdomains(boolean includeSubDomains)
Configures if subdomains should be included.ServerHttpSecurity.HeaderSpec.HstsSpec
maxAge(java.time.Duration maxAge)
Configures the max age.ServerHttpSecurity.HeaderSpec.HstsSpec
preload(boolean preload)
Configures if preload should be included.
-
-
-
Method Detail
-
maxAge
public ServerHttpSecurity.HeaderSpec.HstsSpec maxAge(java.time.Duration maxAge)
Configures the max age. Default is one year.- Parameters:
maxAge
- the max age- Returns:
- the
ServerHttpSecurity.HeaderSpec.HstsSpec
to continue configuring
-
includeSubdomains
public ServerHttpSecurity.HeaderSpec.HstsSpec includeSubdomains(boolean includeSubDomains)
Configures if subdomains should be included. Default is true- Parameters:
includeSubDomains
- if subdomains should be included- Returns:
- the
ServerHttpSecurity.HeaderSpec.HstsSpec
to continue configuring
-
preload
public ServerHttpSecurity.HeaderSpec.HstsSpec preload(boolean preload)
Configures if preload should be included. Default is false
See Website hstspreload.org for additional details.
- Parameters:
preload
- if subdomains should be included- Returns:
- the
ServerHttpSecurity.HeaderSpec.HstsSpec
to continue configuring - Since:
- 5.2.0
-
and
public ServerHttpSecurity.HeaderSpec and()
Allows method chaining to continue configuring theServerHttpSecurity
- Returns:
- the
ServerHttpSecurity.HeaderSpec
to continue configuring
-
disable
public ServerHttpSecurity.HeaderSpec disable()
Disables strict transport security response header- Returns:
- the
ServerHttpSecurity.HeaderSpec
to continue configuring
-
-