Class ServerHttpSecurity.HeaderSpec.HstsSpec
java.lang.Object
org.springframework.security.config.web.server.ServerHttpSecurity.HeaderSpec.HstsSpec
- Enclosing class:
- ServerHttpSecurity.HeaderSpec
Configures Strict Transport Security response header
- See Also:
-
#hsts()
-
Method Summary
Modifier and TypeMethodDescriptiondisable()Disables strict transport security response headerincludeSubdomains(boolean includeSubDomains) Configures if subdomains should be included.Configures the max age.preload(boolean preload) Configures if preload should be included.
-
Method Details
-
maxAge
Configures the max age. Default is one year.- Parameters:
maxAge- the max age- Returns:
- the
ServerHttpSecurity.HeaderSpec.HstsSpecto continue configuring
-
includeSubdomains
Configures if subdomains should be included. Default is true- Parameters:
includeSubDomains- if subdomains should be included- Returns:
- the
ServerHttpSecurity.HeaderSpec.HstsSpecto continue configuring
-
preload
Configures if preload should be included. Default is false
See Website hstspreload.org for additional details.
- Parameters:
preload- if subdomains should be included- Returns:
- the
ServerHttpSecurity.HeaderSpec.HstsSpecto continue configuring - Since:
- 5.2.0
-
disable
Disables strict transport security response header- Returns:
- the
ServerHttpSecurity.HeaderSpecto continue configuring
-