org.springframework.security.web.firewall (spring-security-docs 7.0.0-RC1 API)

@NullMarked package org.springframework.security.web.firewall

APIs for web security firewall support.

Related Packages

Package

Description

org.springframework.security.web

Spring Security's web security module.
Class

Description

CompositeRequestRejectedHandler

A RequestRejectedHandler that delegates to several other RequestRejectedHandlers.

DefaultHttpFirewall

User's should consider using StrictHttpFirewall because rather than trying to sanitize a malicious URL it rejects the malicious URL providing better security guarantees.

DefaultRequestRejectedHandler

Default implementation of RequestRejectedHandler that simply rethrows the exception.

FirewalledRequest

Request wrapper which is returned by the HttpFirewall interface.

HttpFirewall

Interface which can be used to reject potentially dangerous requests and/or wrap them to control their behaviour.

HttpStatusRequestRejectedHandler

A simple implementation of RequestRejectedHandler that sends an error with configurable status code.

ObservationMarkingRequestRejectedHandler

RequestRejectedException

RequestRejectedHandler

Used by FilterChainProxy to handle an RequestRejectedException.

StrictHttpFirewall

A strict implementation of HttpFirewall that rejects any suspicious requests with a RequestRejectedException.