Class HeadersConfigurer.ContentSecurityPolicyConfig
java.lang.Object
org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.ContentSecurityPolicyConfig
- Enclosing class:
- HeadersConfigurer<H extends HttpSecurityBuilder<H>>
-
Method Summary
Modifier and TypeMethodDescriptionand()
Allows completing configuration of Content Security Policy and continuing configuration of headers.policyDirectives
(String policyDirectives) Sets the security policy directive(s) to be used in the response header.Enables (includes) the Content-Security-Policy-Report-Only header in the response.
-
Method Details
-
policyDirectives
Sets the security policy directive(s) to be used in the response header.- Parameters:
policyDirectives
- the security policy directive(s)- Returns:
- the
HeadersConfigurer<H extends HttpSecurityBuilder<H>>.ContentSecurityPolicyConfig
for additional configuration - Throws:
IllegalArgumentException
- if policyDirectives is null or empty
-
reportOnly
Enables (includes) the Content-Security-Policy-Report-Only header in the response.- Returns:
- the
HeadersConfigurer<H extends HttpSecurityBuilder<H>>.ContentSecurityPolicyConfig
for additional configuration
-
and
Allows completing configuration of Content Security Policy and continuing configuration of headers.- Returns:
- the
HeadersConfigurer
for additional configuration
-