Class ContentSecurityPolicyServerHttpHeadersWriter

  • All Implemented Interfaces:
    ServerHttpHeadersWriter

    public final class ContentSecurityPolicyServerHttpHeadersWriter
    extends java.lang.Object
    implements ServerHttpHeadersWriter
    Writes the Contet-Security-Policy response header with configured policy directives.
    Since:
    5.1
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void setPolicyDirectives​(java.lang.String policyDirectives)
      Set the policy directive(s) to be used in the response header.
      void setReportOnly​(boolean reportOnly)
      Set whether to include the Content-Security-Policy-Report-Only header in the response.
      reactor.core.publisher.Mono<java.lang.Void> writeHttpHeaders​(org.springframework.web.server.ServerWebExchange exchange)
      Write the headers to the response.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • CONTENT_SECURITY_POLICY

        public static final java.lang.String CONTENT_SECURITY_POLICY
        See Also:
        Constant Field Values
      • CONTENT_SECURITY_POLICY_REPORT_ONLY

        public static final java.lang.String CONTENT_SECURITY_POLICY_REPORT_ONLY
        See Also:
        Constant Field Values
    • Constructor Detail

      • ContentSecurityPolicyServerHttpHeadersWriter

        public ContentSecurityPolicyServerHttpHeadersWriter()
    • Method Detail

      • writeHttpHeaders

        public reactor.core.publisher.Mono<java.lang.Void> writeHttpHeaders​(org.springframework.web.server.ServerWebExchange exchange)
        Description copied from interface: ServerHttpHeadersWriter
        Write the headers to the response.
        Specified by:
        writeHttpHeaders in interface ServerHttpHeadersWriter
        Returns:
        A Mono which is returned to the Supplier of the ReactiveHttpOutputMessage.beforeCommit(Supplier).
      • setPolicyDirectives

        public void setPolicyDirectives​(java.lang.String policyDirectives)
        Set the policy directive(s) to be used in the response header.
        Parameters:
        policyDirectives - the policy directive(s)
        Throws:
        java.lang.IllegalArgumentException - if policyDirectives is null or empty
      • setReportOnly

        public void setReportOnly​(boolean reportOnly)
        Set whether to include the Content-Security-Policy-Report-Only header in the response. Otherwise, defaults to the Content-Security-Policy header.
        Parameters:
        reportOnly - whether to only report policy violations