Interface CspSettings
- All Known Implementing Classes:
DefaultCspSettings
public interface CspSettings
CspSettings interface used by the
CspInterceptor
to add the CSP header to the response.
The default implementation can be found in DefaultCspSettings
.- See Also:
-
Field Summary
Fields -
Method Summary
Modifier and TypeMethodDescriptionvoid
addCspHeaders
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) void
setEnforcingMode
(boolean value) Sets CSP headers in enforcing mode when true, and report-only when falsevoid
setReportTo
(String group) Sets the report group where csp violation reports will be sentvoid
setReportUri
(String uri) Sets the uri where csp violation reports will be sent
-
Field Details
-
NONCE_RANDOM_LENGTH
static final int NONCE_RANDOM_LENGTH- See Also:
-
CSP_ENFORCE_HEADER
- See Also:
-
CSP_REPORT_HEADER
- See Also:
-
OBJECT_SRC
- See Also:
-
SCRIPT_SRC
- See Also:
-
BASE_URI
- See Also:
-
REPORT_URI
- See Also:
-
REPORT_TO
- See Also:
-
NONE
- See Also:
-
STRICT_DYNAMIC
- See Also:
-
HTTP
- See Also:
-
HTTPS
- See Also:
-
CSP_REPORT_TYPE
- See Also:
-
-
Method Details
-
addCspHeaders
void addCspHeaders(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) -
setReportUri
Sets the uri where csp violation reports will be sent -
setReportTo
Sets the report group where csp violation reports will be sent- Since:
- Struts 6.5.0
-
setEnforcingMode
void setEnforcingMode(boolean value) Sets CSP headers in enforcing mode when true, and report-only when false
-