Packages

case class SecurityHeadersConfig(frameOptions: Option[String] = Some("DENY"), xssProtection: Option[String] = Some("1; mode=block"), contentTypeOptions: Option[String] = Some("nosniff"), permittedCrossDomainPolicies: Option[String] = Some("master-only"), contentSecurityPolicy: Option[String] = None, referrerPolicy: Option[String] = Some("origin-when-cross-origin, strict-origin-when-cross-origin"), allowActionSpecificHeaders: Boolean = false) extends Product with Serializable

A type safe configuration object for setting security headers.

frameOptions

"X-Frame-Options":

xssProtection

"X-XSS-Protection":

contentTypeOptions

"X-Content-Type-Options"

permittedCrossDomainPolicies

"X-Permitted-Cross-Domain-Policies"

contentSecurityPolicy

"Content-Security-Policy" - this is deprecated in favor of the dedicated CSPFilter.

referrerPolicy

"Referrer-Policy"

allowActionSpecificHeaders

Allows specific headers

Source
SecurityHeadersFilter.scala
Linear Supertypes
Serializable, Product, Equals, AnyRef, Any
Ordering
  1. Alphabetic
  2. By Inheritance
Inherited
  1. SecurityHeadersConfig
  2. Serializable
  3. Product
  4. Equals
  5. AnyRef
  6. Any
  1. Hide All
  2. Show All
Visibility
  1. Public
  2. Protected

Instance Constructors

  1. new SecurityHeadersConfig()
  2. new SecurityHeadersConfig(frameOptions: Option[String] = Some("DENY"), xssProtection: Option[String] = Some("1; mode=block"), contentTypeOptions: Option[String] = Some("nosniff"), permittedCrossDomainPolicies: Option[String] = Some("master-only"), contentSecurityPolicy: Option[String] = None, referrerPolicy: Option[String] = Some("origin-when-cross-origin, strict-origin-when-cross-origin"), allowActionSpecificHeaders: Boolean = false)

    frameOptions

    "X-Frame-Options":

    xssProtection

    "X-XSS-Protection":

    contentTypeOptions

    "X-Content-Type-Options"

    permittedCrossDomainPolicies

    "X-Permitted-Cross-Domain-Policies"

    contentSecurityPolicy

    "Content-Security-Policy" - this is deprecated in favor of the dedicated CSPFilter.

    referrerPolicy

    "Referrer-Policy"

    allowActionSpecificHeaders

    Allows specific headers

Value Members

  1. final def !=(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  2. final def ##: Int
    Definition Classes
    AnyRef → Any
  3. final def ==(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  4. val allowActionSpecificHeaders: Boolean
  5. final def asInstanceOf[T0]: T0
    Definition Classes
    Any
  6. def clone(): AnyRef
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.CloneNotSupportedException]) @native()
  7. val contentTypeOptions: Option[String]
  8. final def eq(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  9. def finalize(): Unit
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.Throwable])
  10. val frameOptions: Option[String]
  11. final def getClass(): Class[_ <: AnyRef]
    Definition Classes
    AnyRef → Any
    Annotations
    @native()
  12. final def isInstanceOf[T0]: Boolean
    Definition Classes
    Any
  13. final def ne(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  14. final def notify(): Unit
    Definition Classes
    AnyRef
    Annotations
    @native()
  15. final def notifyAll(): Unit
    Definition Classes
    AnyRef
    Annotations
    @native()
  16. val permittedCrossDomainPolicies: Option[String]
  17. def productElementNames: Iterator[String]
    Definition Classes
    Product
  18. val referrerPolicy: Option[String]
  19. final def synchronized[T0](arg0: => T0): T0
    Definition Classes
    AnyRef
  20. final def wait(): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException])
  21. final def wait(arg0: Long, arg1: Int): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException])
  22. final def wait(arg0: Long): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException]) @native()
  23. def withContentTypeOptions(contentTypeOptions: Optional[String]): SecurityHeadersConfig
  24. def withFrameOptions(frameOptions: Optional[String]): SecurityHeadersConfig
  25. def withPermittedCrossDomainPolicies(permittedCrossDomainPolicies: Optional[String]): SecurityHeadersConfig
  26. def withReferrerPolicy(referrerPolicy: Optional[String]): SecurityHeadersConfig
  27. def withXssProtection(xssProtection: Optional[String]): SecurityHeadersConfig
  28. val xssProtection: Option[String]

Deprecated Value Members

  1. val contentSecurityPolicy: Option[String]
    Annotations
    @deprecated
    Deprecated

    (Since version 2.7.0) Please use play.filters.csp.CSPFilter

  2. def withContentSecurityPolicy(contentSecurityPolicy: Optional[String]): SecurityHeadersConfig
    Annotations
    @deprecated
    Deprecated

    (Since version 2.7.0) Please use play.filters.csp.CSPFilter

Inherited from Serializable

Inherited from Product

Inherited from Equals

Inherited from AnyRef

Inherited from Any

Ungrouped