Class HeadersConfigurer.XXssConfig
- java.lang.Object
-
- org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.XXssConfig
-
- Enclosing class:
- HeadersConfigurer<H extends HttpSecurityBuilder<H>>
public final class HeadersConfigurer.XXssConfig extends java.lang.Object
-
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description HeadersConfigurer<H>
and()
Allows completing configuration of X-XSS-Protection and continuing configuration of headers.HeadersConfigurer.XXssConfig
block(boolean enabled)
If false, will not specify the mode as blocked.HeadersConfigurer<H>
disable()
Disables X-XSS-Protection header (does not include it)HeadersConfigurer.XXssConfig
xssProtectionEnabled(boolean enabled)
If true, the header value will contain a value of 1.
-
-
-
Method Detail
-
block
public HeadersConfigurer.XXssConfig block(boolean enabled)
If false, will not specify the mode as blocked. In this instance, any content will be attempted to be fixed. If true, the content will be replaced with "#".- Parameters:
enabled
- the new value
-
xssProtectionEnabled
public HeadersConfigurer.XXssConfig xssProtectionEnabled(boolean enabled)
If true, the header value will contain a value of 1. For example:X-XSS-Protection: 1
or ifXXssProtectionHeaderWriter.setBlock(boolean)
of the givenXXssProtectionHeaderWriter
is trueX-XSS-Protection: 1; mode=block
If false, will explicitly disable specify that X-XSS-Protection is disabled. For example:X-XSS-Protection: 0
- Parameters:
enabled
- the new value
-
disable
public HeadersConfigurer<H> disable()
Disables X-XSS-Protection header (does not include it)- Returns:
- the
HeadersConfigurer
for additional configuration
-
and
public HeadersConfigurer<H> and()
Allows completing configuration of X-XSS-Protection and continuing configuration of headers.- Returns:
- the
HeadersConfigurer
for additional configuration
-
-