Class XXssProtectionServerHttpHeadersWriter
java.lang.Object
org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter
- All Implemented Interfaces:
ServerHttpHeadersWriter
public class XXssProtectionServerHttpHeadersWriter
extends Object
implements ServerHttpHeadersWriter
Add the x-xss-protection header.
- Since:
- 5.0
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidsetBlock(boolean block) If false, will not specify the mode as blocked.voidsetEnabled(boolean enabled) If true, will contain a value of 1.reactor.core.publisher.Mono<Void>writeHttpHeaders(org.springframework.web.server.ServerWebExchange exchange) Write the headers to the response.
-
Field Details
-
X_XSS_PROTECTION
- See Also:
-
-
Constructor Details
-
XXssProtectionServerHttpHeadersWriter
public XXssProtectionServerHttpHeadersWriter()Creates a new instance
-
-
Method Details
-
writeHttpHeaders
public reactor.core.publisher.Mono<Void> writeHttpHeaders(org.springframework.web.server.ServerWebExchange exchange) Description copied from interface:ServerHttpHeadersWriterWrite the headers to the response.- Specified by:
writeHttpHeadersin interfaceServerHttpHeadersWriter- Returns:
- A Mono which is returned to the
Supplierof theReactiveHttpOutputMessage.beforeCommit(Supplier).
-
setEnabled
public void setEnabled(boolean enabled) If true, will contain a value of 1. For example:X-XSS-Protection: 1
or ifsetBlock(boolean)is trueX-XSS-Protection: 1; mode=block
If false, will explicitly disable specify that X-XSS-Protection is disabled. For example:X-XSS-Protection: 0
- Parameters:
enabled- the new value
-
setBlock
public void setBlock(boolean block) If false, will not specify the mode as blocked. In this instance, any content will be attempted to be fixed. If true, the content will be replaced with "#".- Parameters:
block- the new value
-