Class SecureHeadersGatewayFilterFactory
- java.lang.Object
-
- org.springframework.cloud.gateway.support.AbstractConfigurable<C>
-
- org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory<SecureHeadersGatewayFilterFactory.Config>
-
- org.springframework.cloud.gateway.filter.factory.SecureHeadersGatewayFilterFactory
-
- All Implemented Interfaces:
org.springframework.beans.factory.Aware,GatewayFilterFactory<SecureHeadersGatewayFilterFactory.Config>,Configurable<SecureHeadersGatewayFilterFactory.Config>,ShortcutConfigurable,org.springframework.context.ApplicationEventPublisherAware
public class SecureHeadersGatewayFilterFactory extends AbstractGatewayFilterFactory<SecureHeadersGatewayFilterFactory.Config>
https://blog.appcanary.com/2017/http-security-headers.html.- Author:
- Spencer Gibb, Thirunavukkarasu Ravichandran
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classSecureHeadersGatewayFilterFactory.Config-
Nested classes/interfaces inherited from class org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory
AbstractGatewayFilterFactory.NameConfig
-
Nested classes/interfaces inherited from interface org.springframework.cloud.gateway.support.ShortcutConfigurable
ShortcutConfigurable.GatewayEvaluationContext, ShortcutConfigurable.RestrictivePropertyAccessor, ShortcutConfigurable.ShortcutType
-
-
Field Summary
Fields Modifier and Type Field Description static StringCONTENT_SECURITY_POLICY_HEADERContent-Security Policy header name.static StringREFERRER_POLICY_HEADERReferrer Policy header name.static StringSTRICT_TRANSPORT_SECURITY_HEADERStrict transport security header name.static StringX_CONTENT_TYPE_OPTIONS_HEADERContent-Type Options header name.static StringX_DOWNLOAD_OPTIONS_HEADERDownload Options header name.static StringX_FRAME_OPTIONS_HEADERFrame options header name.static StringX_PERMITTED_CROSS_DOMAIN_POLICIES_HEADERPermitted Cross-Domain Policies header name.static StringX_XSS_PROTECTION_HEADERXss-Protection header name.-
Fields inherited from interface org.springframework.cloud.gateway.filter.factory.GatewayFilterFactory
NAME_KEY, VALUE_KEY
-
-
Constructor Summary
Constructors Constructor Description SecureHeadersGatewayFilterFactory(SecureHeadersProperties properties)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description GatewayFilterapply(SecureHeadersGatewayFilterFactory.Config originalConfig)-
Methods inherited from class org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory
getPublisher, setApplicationEventPublisher
-
Methods inherited from class org.springframework.cloud.gateway.support.AbstractConfigurable
getConfigClass, newConfig, toString
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface org.springframework.cloud.gateway.filter.factory.GatewayFilterFactory
apply, apply, apply, getConfigClass, name, newConfig
-
Methods inherited from interface org.springframework.cloud.gateway.support.ShortcutConfigurable
shortcutFieldOrder, shortcutFieldPrefix, shortcutType
-
-
-
-
Field Detail
-
X_XSS_PROTECTION_HEADER
public static final String X_XSS_PROTECTION_HEADER
Xss-Protection header name.- See Also:
- Constant Field Values
-
STRICT_TRANSPORT_SECURITY_HEADER
public static final String STRICT_TRANSPORT_SECURITY_HEADER
Strict transport security header name.- See Also:
- Constant Field Values
-
X_FRAME_OPTIONS_HEADER
public static final String X_FRAME_OPTIONS_HEADER
Frame options header name.- See Also:
- Constant Field Values
-
X_CONTENT_TYPE_OPTIONS_HEADER
public static final String X_CONTENT_TYPE_OPTIONS_HEADER
Content-Type Options header name.- See Also:
- Constant Field Values
-
REFERRER_POLICY_HEADER
public static final String REFERRER_POLICY_HEADER
Referrer Policy header name.- See Also:
- Constant Field Values
-
CONTENT_SECURITY_POLICY_HEADER
public static final String CONTENT_SECURITY_POLICY_HEADER
Content-Security Policy header name.- See Also:
- Constant Field Values
-
X_DOWNLOAD_OPTIONS_HEADER
public static final String X_DOWNLOAD_OPTIONS_HEADER
Download Options header name.- See Also:
- Constant Field Values
-
X_PERMITTED_CROSS_DOMAIN_POLICIES_HEADER
public static final String X_PERMITTED_CROSS_DOMAIN_POLICIES_HEADER
Permitted Cross-Domain Policies header name.- See Also:
- Constant Field Values
-
-
Constructor Detail
-
SecureHeadersGatewayFilterFactory
public SecureHeadersGatewayFilterFactory(SecureHeadersProperties properties)
-
-
Method Detail
-
apply
public GatewayFilter apply(SecureHeadersGatewayFilterFactory.Config originalConfig)
-
-