Class RegExpAllowFromStrategy
- java.lang.Object
-
- org.springframework.security.web.header.writers.frameoptions.AbstractRequestParameterAllowFromStrategy
-
- org.springframework.security.web.header.writers.frameoptions.RegExpAllowFromStrategy
-
- All Implemented Interfaces:
AllowFromStrategy
@Deprecated public final class RegExpAllowFromStrategy extends AbstractRequestParameterAllowFromStrategy
Deprecated.ALLOW-FROM is an obsolete directive that no longer works in modern browsers. Instead use Content-Security-Policy with the frame-ancestors directive.Implementation which uses a regular expression to validate the supplied origin. If the value of the HTTP parameter matches the pattern, then the result will be ALLOW-FROM <paramter-value>.- Since:
- 3.2
-
-
Field Summary
-
Fields inherited from class org.springframework.security.web.header.writers.frameoptions.AbstractRequestParameterAllowFromStrategy
log
-
-
Constructor Summary
Constructors Constructor Description RegExpAllowFromStrategy(java.lang.String pattern)
Deprecated.Creates a new instance
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description protected boolean
allowed(java.lang.String allowFromOrigin)
Deprecated.Method to be implemented by base classes, used to determine if the supplied origin is allowed.-
Methods inherited from class org.springframework.security.web.header.writers.frameoptions.AbstractRequestParameterAllowFromStrategy
getAllowFromValue, setAllowFromParameterName
-
-
-
-
Method Detail
-
allowed
protected boolean allowed(java.lang.String allowFromOrigin)
Deprecated.Description copied from class:AbstractRequestParameterAllowFromStrategy
Method to be implemented by base classes, used to determine if the supplied origin is allowed.- Specified by:
allowed
in classAbstractRequestParameterAllowFromStrategy
- Parameters:
allowFromOrigin
- the supplied origin- Returns:
true
if the supplied origin is allowed.
-
-