Package org.springframework.security.web.header.writers.frameoptions

Class StaticAllowFromStrategy

  • All Implemented Interfaces:
    AllowFromStrategy
    @Deprecated
public final class StaticAllowFromStrategy
extends java.lang.Object
implements AllowFromStrategy
    Deprecated.
    ALLOW-FROM is an obsolete directive that no longer works in modern browsers. Instead use Content-Security-Policy with the frame-ancestors directive.
    Simple implementation of the AllowFromStrategy

    • Constructor Summary

      Constructors 
      Constructor Description
      StaticAllowFromStrategy​(java.net.URI uri)
      Deprecated.
       

    • Method Summary

      All Methods Instance Methods Concrete Methods Deprecated Methods 
      Modifier and Type Method Description
      java.lang.String getAllowFromValue​(javax.servlet.http.HttpServletRequest request)
      Deprecated.
      Gets the value for ALLOW-FROM excluding the ALLOW-FROM.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • StaticAllowFromStrategy

        public StaticAllowFromStrategy​(java.net.URI uri)
        Deprecated.

    • Method Detail

      • getAllowFromValue

        public java.lang.String getAllowFromValue​(javax.servlet.http.HttpServletRequest request)
        Deprecated.
        Description copied from interface: AllowFromStrategy
        Gets the value for ALLOW-FROM excluding the ALLOW-FROM. For example, the result might be "https://example.com/".
        Specified by:
        getAllowFromValue in interface AllowFromStrategy
        Parameters:
        request - the HttpServletRequest
        Returns:
        the value for ALLOW-FROM or null if no header should be added for this request.