Class ServerHttpSecurity.HeaderSpec.HstsSpec
- java.lang.Object
-
- org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.HstsSpec
-
- Enclosing class:
- ServerHttpSecurity.HeaderSpec
public final class ServerHttpSecurity.HeaderSpec.HstsSpec extends java.lang.ObjectConfigures Strict Transport Security response header- See Also:
ServerHttpSecurity.HeaderSpec.hsts()
-
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description ServerHttpSecurity.HeaderSpecand()Allows method chaining to continue configuring theServerHttpSecurityServerHttpSecurity.HeaderSpecdisable()Disables strict transport security response headerServerHttpSecurity.HeaderSpec.HstsSpecincludeSubdomains(boolean includeSubDomains)Configures if subdomains should be included.ServerHttpSecurity.HeaderSpec.HstsSpecmaxAge(java.time.Duration maxAge)Configures the max age.ServerHttpSecurity.HeaderSpec.HstsSpecpreload(boolean preload)Configures if preload should be included.
-
-
-
Method Detail
-
maxAge
public ServerHttpSecurity.HeaderSpec.HstsSpec maxAge(java.time.Duration maxAge)
Configures the max age. Default is one year.- Parameters:
maxAge- the max age- Returns:
- the
ServerHttpSecurity.HeaderSpec.HstsSpecto continue configuring
-
includeSubdomains
public ServerHttpSecurity.HeaderSpec.HstsSpec includeSubdomains(boolean includeSubDomains)
Configures if subdomains should be included. Default is true- Parameters:
includeSubDomains- if subdomains should be included- Returns:
- the
ServerHttpSecurity.HeaderSpec.HstsSpecto continue configuring
-
preload
public ServerHttpSecurity.HeaderSpec.HstsSpec preload(boolean preload)
Configures if preload should be included. Default is false
See Website hstspreload.org for additional details.
- Parameters:
preload- if subdomains should be included- Returns:
- the
ServerHttpSecurity.HeaderSpec.HstsSpecto continue configuring - Since:
- 5.2.0
-
and
public ServerHttpSecurity.HeaderSpec and()
Allows method chaining to continue configuring theServerHttpSecurity- Returns:
- the
ServerHttpSecurity.HeaderSpecto continue configuring
-
disable
public ServerHttpSecurity.HeaderSpec disable()
Disables strict transport security response header- Returns:
- the
ServerHttpSecurity.HeaderSpecto continue configuring
-
-