Class WhiteListedAllowFromStrategy
java.lang.Object
org.springframework.security.web.header.writers.frameoptions.AbstractRequestParameterAllowFromStrategy
org.springframework.security.web.header.writers.frameoptions.WhiteListedAllowFromStrategy
- All Implemented Interfaces:
AllowFromStrategy
@Deprecated
public final class WhiteListedAllowFromStrategy
extends AbstractRequestParameterAllowFromStrategy
Deprecated.
ALLOW-FROM is an obsolete directive that no longer works in modern
browsers. Instead use Content-Security-Policy with the frame-ancestors
directive.
Implementation which checks the supplied origin against a list of allowed origins.
- Since:
- 3.2
-
Field Summary
Fields inherited from class org.springframework.security.web.header.writers.frameoptions.AbstractRequestParameterAllowFromStrategy
log
-
Constructor Summary
ConstructorDescriptionWhiteListedAllowFromStrategy
(Collection<String> allowed) Deprecated.Creates a new instance -
Method Summary
Methods inherited from class org.springframework.security.web.header.writers.frameoptions.AbstractRequestParameterAllowFromStrategy
getAllowFromValue, setAllowFromParameterName
-
Constructor Details
-
WhiteListedAllowFromStrategy
Deprecated.Creates a new instance- Parameters:
allowed
- the origins that are allowed.
-
-
Method Details
-
allowed
Deprecated.Description copied from class:AbstractRequestParameterAllowFromStrategy
Method to be implemented by base classes, used to determine if the supplied origin is allowed.- Specified by:
allowed
in classAbstractRequestParameterAllowFromStrategy
- Parameters:
allowFromOrigin
- the supplied origin- Returns:
true
if the supplied origin is allowed.
-