SecurityHeadersFilter

Companion class SecurityHeadersFilter

object SecurityHeadersFilter

This class sets a number of common security headers on the HTTP request.

NOTE: Because these are security headers, they are "secure by default." If the filter is applied, but these fields are NOT defined in Configuration, the defaults on the filter are NOT omitted, but are instead set to the strictest possible value.

{{play.filters.headers.frameOptions}} - sets frameOptions. Some("DENY") by default.
{{play.filters.headers.xssProtection}} - sets xssProtection. Some("1; mode=block") by default.
{{play.filters.headers.contentTypeOptions}} - sets contentTypeOptions. Some("nosniff") by default.
{{play.filters.headers.permittedCrossDomainPolicies}} - sets permittedCrossDomainPolicies. Some("master-only") by default.
{{play.filters.headers.contentSecurityPolicy}} - sets contentSecurityPolicy. Some("default-src 'self'") by default.
{{play.filters.headers.referrerPolicy}} - sets referrerPolicy. Some("origin-when-cross-origin, strict-origin-when-cross-origin") by default.
{{play.filters.headers.allowActionSpecificHeaders}} - sets whether .withHeaders may be used to provide page-specific overrides. False by default.

Source: SecurityHeadersFilter.scala
See also: X-Frame-Options
X-Content-Type-Options
X-XSS-Protection
Content-Security-Policy
Cross Domain Policy File Specification
Referrer Policy

Linear Supertypes

AnyRef, Any

Ordering

Alphabetic
By Inheritance

Inherited

SecurityHeadersFilter
AnyRef
Any

Hide All
Show All

Visibility

Public
All

Value Members

final def !=(arg0: Any): Boolean

Definition Classes
AnyRef → Any
final def ##(): Int

Definition Classes
AnyRef → Any
final def ==(arg0: Any): Boolean

Definition Classes
AnyRef → Any
val CONTENT_SECURITY_POLICY_HEADER: String
val REFERRER_POLICY: String
val X_CONTENT_TYPE_OPTIONS_HEADER: String
val X_FRAME_OPTIONS_HEADER: String
val X_PERMITTED_CROSS_DOMAIN_POLICIES_HEADER: String
val X_XSS_PROTECTION_HEADER: String
def apply(config: api.Configuration): SecurityHeadersFilter
Convenience method for creating a filter using play.api.Configuration.
Convenience method for creating a filter using play.api.Configuration. Good for testing.
config
a configuration object that may contain string settings.
returns
a configured SecurityHeadersFilter.
def apply(config: SecurityHeadersConfig = SecurityHeadersConfig()): SecurityHeadersFilter
Convenience method for creating a SecurityHeadersFilter that reads settings from application.conf.
Convenience method for creating a SecurityHeadersFilter that reads settings from application.conf. Generally speaking, you'll want to use this or the apply(SecurityHeadersConfig) method.
returns
a configured SecurityHeadersFilter.
final def asInstanceOf[T0]: T0

Definition Classes
Any
def clone(): AnyRef

Attributes
protected[java.lang]
Definition Classes
AnyRef
Annotations
@native() @throws( ... )
final def eq(arg0: AnyRef): Boolean

Definition Classes
AnyRef
def equals(arg0: Any): Boolean

Definition Classes
AnyRef → Any
def finalize(): Unit

Attributes
protected[java.lang]
Definition Classes
AnyRef
Annotations
@throws( classOf[java.lang.Throwable] )
final def getClass(): Class[_]

Definition Classes
AnyRef → Any
Annotations
@native()
def hashCode(): Int

Definition Classes
AnyRef → Any
Annotations
@native()
final def isInstanceOf[T0]: Boolean

Definition Classes
Any
final def ne(arg0: AnyRef): Boolean

Definition Classes
AnyRef
final def notify(): Unit

Definition Classes
AnyRef
Annotations
@native()
final def notifyAll(): Unit

Definition Classes
AnyRef
Annotations
@native()
final def synchronized[T0](arg0: ⇒ T0): T0

Definition Classes
AnyRef
def toString(): String

Definition Classes
AnyRef → Any
final def wait(): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
final def wait(arg0: Long, arg1: Int): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
final def wait(arg0: Long): Unit

Definition Classes
AnyRef
Annotations
@native() @throws( ... )

Inherited from AnyRef

Value Members

final def !=(arg0: Any): Boolean

Definition Classes
AnyRef → Any
final def ##(): Int

Definition Classes
AnyRef → Any
final def ==(arg0: Any): Boolean

Definition Classes
AnyRef → Any
def clone(): AnyRef

Attributes
protected[java.lang]
Definition Classes
AnyRef
Annotations
@native() @throws( ... )
final def eq(arg0: AnyRef): Boolean

Definition Classes
AnyRef
def equals(arg0: Any): Boolean

Definition Classes
AnyRef → Any
def finalize(): Unit

Attributes
protected[java.lang]
Definition Classes
AnyRef
Annotations
@throws( classOf[java.lang.Throwable] )
final def getClass(): Class[_]

Definition Classes
AnyRef → Any
Annotations
@native()
def hashCode(): Int

Definition Classes
AnyRef → Any
Annotations
@native()
final def ne(arg0: AnyRef): Boolean

Definition Classes
AnyRef
final def notify(): Unit

Definition Classes
AnyRef
Annotations
@native()
final def notifyAll(): Unit

Definition Classes
AnyRef
Annotations
@native()
final def synchronized[T0](arg0: ⇒ T0): T0

Definition Classes
AnyRef
def toString(): String

Definition Classes
AnyRef → Any
final def wait(): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
final def wait(arg0: Long, arg1: Int): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
final def wait(arg0: Long): Unit

Definition Classes
AnyRef
Annotations
@native() @throws( ... )

Inherited from Any

Value Members

final def asInstanceOf[T0]: T0

Definition Classes
Any
final def isInstanceOf[T0]: Boolean

Definition Classes
Any

Ungrouped

final def !=(arg0: Any): Boolean

Definition Classes
AnyRef → Any
final def ##(): Int

Definition Classes
AnyRef → Any
final def ==(arg0: Any): Boolean

Definition Classes
AnyRef → Any
val CONTENT_SECURITY_POLICY_HEADER: String
val REFERRER_POLICY: String
val X_CONTENT_TYPE_OPTIONS_HEADER: String
val X_FRAME_OPTIONS_HEADER: String
val X_PERMITTED_CROSS_DOMAIN_POLICIES_HEADER: String
val X_XSS_PROTECTION_HEADER: String
def apply(config: api.Configuration): SecurityHeadersFilter
Convenience method for creating a filter using play.api.Configuration.
Convenience method for creating a filter using play.api.Configuration. Good for testing.
config
a configuration object that may contain string settings.
returns
a configured SecurityHeadersFilter.
def apply(config: SecurityHeadersConfig = SecurityHeadersConfig()): SecurityHeadersFilter
Convenience method for creating a SecurityHeadersFilter that reads settings from application.conf.
Convenience method for creating a SecurityHeadersFilter that reads settings from application.conf. Generally speaking, you'll want to use this or the apply(SecurityHeadersConfig) method.
returns
a configured SecurityHeadersFilter.
final def asInstanceOf[T0]: T0

Definition Classes
Any
def clone(): AnyRef

Attributes
protected[java.lang]
Definition Classes
AnyRef
Annotations
@native() @throws( ... )
final def eq(arg0: AnyRef): Boolean

Definition Classes
AnyRef
def equals(arg0: Any): Boolean

Definition Classes
AnyRef → Any
def finalize(): Unit

Attributes
protected[java.lang]
Definition Classes
AnyRef
Annotations
@throws( classOf[java.lang.Throwable] )
final def getClass(): Class[_]

Definition Classes
AnyRef → Any
Annotations
@native()
def hashCode(): Int

Definition Classes
AnyRef → Any
Annotations
@native()
final def isInstanceOf[T0]: Boolean

Definition Classes
Any
final def ne(arg0: AnyRef): Boolean

Definition Classes
AnyRef
final def notify(): Unit

Definition Classes
AnyRef
Annotations
@native()
final def notifyAll(): Unit

Definition Classes
AnyRef
Annotations
@native()
final def synchronized[T0](arg0: ⇒ T0): T0

Definition Classes
AnyRef
def toString(): String

Definition Classes
AnyRef → Any
final def wait(): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
final def wait(arg0: Long, arg1: Int): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
final def wait(arg0: Long): Unit

Definition Classes
AnyRef
Annotations
@native() @throws( ... )

Packages

Play

SecurityHeadersFilter

Companion class SecurityHeadersFilter

object SecurityHeadersFilter

Value Members

Inherited from AnyRef

Value Members

Inherited from Any

Value Members

Ungrouped

Packages

Play

SecurityHeadersFilter 

Companion class SecurityHeadersFilter

object SecurityHeadersFilter

Value Members

Inherited from AnyRef

Value Members

Inherited from Any

Value Members

Ungrouped

SecurityHeadersFilter