public class ContentSecurityPolicyConfigurer extends Object
AuthorizationServerWebSecurityConfiguration.| Constructor and Description |
|---|
ContentSecurityPolicyConfigurer(AuthorizationServerProperties authorizationServerProperties) |
| Modifier and Type | Method and Description |
|---|---|
void |
configure(org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.ContentSecurityPolicyConfig config)
If
isContentSecurityPolicyEnabled(), this method will be invoked to configure the
content security policy. |
protected AuthorizationServerProperties |
getAuthorizationServerProperties() |
protected String |
getBaseUriDirective(AuthorizationServerProperties.ContentSecurityPolicyProperties properties) |
protected String |
getCombinedDirectivesValue() |
protected String |
getDefaultSrcDirective(AuthorizationServerProperties.ContentSecurityPolicyProperties properties) |
boolean |
isContentSecurityPolicyEnabled()
Whether or not content security policy behavior should be enabled.
|
public ContentSecurityPolicyConfigurer(AuthorizationServerProperties authorizationServerProperties)
public boolean isContentSecurityPolicyEnabled()
public void configure(org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.ContentSecurityPolicyConfig config)
isContentSecurityPolicyEnabled(), this method will be invoked to configure the
content security policy. This is typically invoked via
HeadersConfigurer.contentSecurityPolicy(Customizer).config - the content security policy configuration to customize@Nullable protected String getCombinedDirectivesValue()
@Nullable protected String getDefaultSrcDirective(AuthorizationServerProperties.ContentSecurityPolicyProperties properties)
@Nullable protected String getBaseUriDirective(AuthorizationServerProperties.ContentSecurityPolicyProperties properties)
protected AuthorizationServerProperties getAuthorizationServerProperties()
Copyright © 2021. All rights reserved.