Class HeadersConfigurer.ContentSecurityPolicyConfig
java.lang.Object
org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.ContentSecurityPolicyConfig
- Enclosing class:
- HeadersConfigurer<H extends HttpSecurityBuilder<H>>
-
Method Summary
Modifier and TypeMethodDescriptionand()
Deprecated, for removal: This API element is subject to removal in a future version.For removal in 7.0.policyDirectives
(String policyDirectives) Sets the security policy directive(s) to be used in the response header.Enables (includes) the Content-Security-Policy-Report-Only header in the response.
-
Method Details
-
policyDirectives
Sets the security policy directive(s) to be used in the response header.- Parameters:
policyDirectives
- the security policy directive(s)- Returns:
- the
HeadersConfigurer<H extends HttpSecurityBuilder<H>>.ContentSecurityPolicyConfig
for additional configuration - Throws:
IllegalArgumentException
- if policyDirectives is null or empty
-
reportOnly
Enables (includes) the Content-Security-Policy-Report-Only header in the response.- Returns:
- the
HeadersConfigurer<H extends HttpSecurityBuilder<H>>.ContentSecurityPolicyConfig
for additional configuration
-
and
Deprecated, for removal: This API element is subject to removal in a future version.For removal in 7.0. UseHeadersConfigurer.contentSecurityPolicy(Customizer)
insteadAllows completing configuration of Content Security Policy and continuing configuration of headers.- Returns:
- the
HeadersConfigurer
for additional configuration
-