Class ServerHttpSecurity.HeaderSpec.ContentSecurityPolicySpec
java.lang.Object
org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.ContentSecurityPolicySpec
- Enclosing class:
- ServerHttpSecurity.HeaderSpec
Configures
Content-Security-Policy
response header.- Since:
- 5.1
- See Also:
-
Method Summary
Modifier and TypeMethodDescriptionand()
Allows method chaining to continue configuring theServerHttpSecurity
.policyDirectives
(String policyDirectives) Sets the security policy directive(s) to be used in the response header.reportOnly
(boolean reportOnly) Whether to include theContent-Security-Policy-Report-Only
header in the response.
-
Method Details
-
reportOnly
Whether to include theContent-Security-Policy-Report-Only
header in the response. Otherwise, defaults to theContent-Security-Policy
header.- Parameters:
reportOnly
- whether to only report policy violations- Returns:
- the
ServerHttpSecurity.HeaderSpec
to continue configuring
-
policyDirectives
Sets the security policy directive(s) to be used in the response header.- Parameters:
policyDirectives
- the security policy directive(s)- Returns:
- the
ServerHttpSecurity.HeaderSpec
to continue configuring
-
and
Allows method chaining to continue configuring theServerHttpSecurity
.- Returns:
- the
ServerHttpSecurity.HeaderSpec
to continue configuring
-