Class HeadersConfigurer.XXssConfig
java.lang.Object
org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.XXssConfig
- Enclosing class:
- HeadersConfigurer<H extends HttpSecurityBuilder<H>>
-
Method Summary
Modifier and TypeMethodDescriptionand()
Allows completing configuration of X-XSS-Protection and continuing configuration of headers.block
(boolean enabled) If false, will not specify the mode as blocked.disable()
Disables X-XSS-Protection header (does not include it)xssProtectionEnabled
(boolean enabled) If true, the header value will contain a value of 1.
-
Method Details
-
block
If false, will not specify the mode as blocked. In this instance, any content will be attempted to be fixed. If true, the content will be replaced with "#".- Parameters:
enabled
- the new value
-
xssProtectionEnabled
If true, the header value will contain a value of 1. For example:X-XSS-Protection: 1
or ifXXssProtectionHeaderWriter.setBlock(boolean)
of the givenXXssProtectionHeaderWriter
is trueX-XSS-Protection: 1; mode=block
If false, will explicitly disable specify that X-XSS-Protection is disabled. For example:X-XSS-Protection: 0
- Parameters:
enabled
- the new value
-
disable
Disables X-XSS-Protection header (does not include it)- Returns:
- the
HeadersConfigurer
for additional configuration
-
and
Allows completing configuration of X-XSS-Protection and continuing configuration of headers.- Returns:
- the
HeadersConfigurer
for additional configuration
-