Class StaticAllowFromStrategy
- java.lang.Object
-
- org.springframework.security.web.header.writers.frameoptions.StaticAllowFromStrategy
-
- All Implemented Interfaces:
AllowFromStrategy
@Deprecated public final class StaticAllowFromStrategy extends java.lang.Object implements AllowFromStrategy
Deprecated.ALLOW-FROM is an obsolete directive that no longer works in modern browsers. Instead use Content-Security-Policy with the frame-ancestors directive.Simple implementation of theAllowFromStrategy
-
-
Constructor Summary
Constructors Constructor Description StaticAllowFromStrategy(java.net.URI uri)
Deprecated.
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description java.lang.String
getAllowFromValue(javax.servlet.http.HttpServletRequest request)
Deprecated.Gets the value for ALLOW-FROM excluding the ALLOW-FROM.
-
-
-
Method Detail
-
getAllowFromValue
public java.lang.String getAllowFromValue(javax.servlet.http.HttpServletRequest request)
Deprecated.Description copied from interface:AllowFromStrategy
Gets the value for ALLOW-FROM excluding the ALLOW-FROM. For example, the result might be "https://example.com/".- Specified by:
getAllowFromValue
in interfaceAllowFromStrategy
- Parameters:
request
- theHttpServletRequest
- Returns:
- the value for ALLOW-FROM or null if no header should be added for this request.
-
-