Class ServerHttpSecurity.HeaderSpec.XssProtectionSpec
- java.lang.Object
-
- org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.XssProtectionSpec
-
- Enclosing class:
- ServerHttpSecurity.HeaderSpec
public final class ServerHttpSecurity.HeaderSpec.XssProtectionSpec extends java.lang.Object
Configures x-xss-protection response header
-
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description ServerHttpSecurity.HeaderSpec
disable()
Disables the x-xss-protection response headerServerHttpSecurity.HeaderSpec
headerValue(XXssProtectionServerHttpHeadersWriter.HeaderValue headerValue)
Sets the value of x-xss-protection header.
-
-
-
Method Detail
-
disable
public ServerHttpSecurity.HeaderSpec disable()
Disables the x-xss-protection response header- Returns:
- the
ServerHttpSecurity.HeaderSpec
to continue configuring
-
headerValue
public ServerHttpSecurity.HeaderSpec headerValue(XXssProtectionServerHttpHeadersWriter.HeaderValue headerValue)
Sets the value of x-xss-protection header. OWASP recommends usingXXssProtectionServerHttpHeadersWriter.HeaderValue.DISABLED
.- Parameters:
headerValue
- the headerValue- Returns:
- the
ServerHttpSecurity.HeaderSpec
to continue configuring - Since:
- 5.8
-
-