Packages

case class SecurityHeadersConfig(frameOptions: Option[String] = Some("DENY"), xssProtection: Option[String] = Some("1; mode=block"), contentTypeOptions: Option[String] = Some("nosniff"), permittedCrossDomainPolicies: Option[String] = Some("master-only"), contentSecurityPolicy: Option[String] = None, referrerPolicy: Option[String] = Some("origin-when-cross-origin, strict-origin-when-cross-origin"), allowActionSpecificHeaders: Boolean = false) extends Product with Serializable

A type safe configuration object for setting security headers.

frameOptions

"X-Frame-Options":

xssProtection

"X-XSS-Protection":

contentTypeOptions

"X-Content-Type-Options"

permittedCrossDomainPolicies

"X-Permitted-Cross-Domain-Policies"

contentSecurityPolicy

"Content-Security-Policy" - this is deprecated in favor of the dedicated CSPFilter.

referrerPolicy

"Referrer-Policy"

allowActionSpecificHeaders

Allows specific headers

Source
SecurityHeadersFilter.scala
Linear Supertypes
Serializable, Product, Equals, AnyRef, Any
Ordering
  1. Alphabetic
  2. By Inheritance
Inherited
  1. SecurityHeadersConfig
  2. Serializable
  3. Product
  4. Equals
  5. AnyRef
  6. Any
  1. Hide All
  2. Show All
Visibility
  1. Public
  2. Protected

Instance Constructors

  1. new SecurityHeadersConfig()
  2. new SecurityHeadersConfig(frameOptions: Option[String] = Some("DENY"), xssProtection: Option[String] = Some("1; mode=block"), contentTypeOptions: Option[String] = Some("nosniff"), permittedCrossDomainPolicies: Option[String] = Some("master-only"), contentSecurityPolicy: Option[String] = None, referrerPolicy: Option[String] = Some("origin-when-cross-origin, strict-origin-when-cross-origin"), allowActionSpecificHeaders: Boolean = false)

    frameOptions

    "X-Frame-Options":

    xssProtection

    "X-XSS-Protection":

    contentTypeOptions

    "X-Content-Type-Options"

    permittedCrossDomainPolicies

    "X-Permitted-Cross-Domain-Policies"

    contentSecurityPolicy

    "Content-Security-Policy" - this is deprecated in favor of the dedicated CSPFilter.

    referrerPolicy

    "Referrer-Policy"

    allowActionSpecificHeaders

    Allows specific headers

Value Members

  1. final def !=(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  2. final def ##: Int
    Definition Classes
    AnyRef → Any
  3. final def ==(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  4. val allowActionSpecificHeaders: Boolean
  5. final def asInstanceOf[T0]: T0
    Definition Classes
    Any
  6. def clone(): AnyRef
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.CloneNotSupportedException]) @HotSpotIntrinsicCandidate() @native()
  7. val contentTypeOptions: Option[String]
  8. final def eq(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  9. val frameOptions: Option[String]
  10. final def getClass(): Class[_ <: AnyRef]
    Definition Classes
    AnyRef → Any
    Annotations
    @HotSpotIntrinsicCandidate() @native()
  11. final def isInstanceOf[T0]: Boolean
    Definition Classes
    Any
  12. final def ne(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  13. final def notify(): Unit
    Definition Classes
    AnyRef
    Annotations
    @HotSpotIntrinsicCandidate() @native()
  14. final def notifyAll(): Unit
    Definition Classes
    AnyRef
    Annotations
    @HotSpotIntrinsicCandidate() @native()
  15. val permittedCrossDomainPolicies: Option[String]
  16. def productElementNames: Iterator[String]
    Definition Classes
    Product
  17. val referrerPolicy: Option[String]
  18. final def synchronized[T0](arg0: => T0): T0
    Definition Classes
    AnyRef
  19. final def wait(arg0: Long, arg1: Int): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException])
  20. final def wait(arg0: Long): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException]) @native()
  21. final def wait(): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException])
  22. def withContentTypeOptions(contentTypeOptions: Optional[String]): SecurityHeadersConfig
  23. def withFrameOptions(frameOptions: Optional[String]): SecurityHeadersConfig
  24. def withPermittedCrossDomainPolicies(permittedCrossDomainPolicies: Optional[String]): SecurityHeadersConfig
  25. def withReferrerPolicy(referrerPolicy: Optional[String]): SecurityHeadersConfig
  26. def withXssProtection(xssProtection: Optional[String]): SecurityHeadersConfig
  27. val xssProtection: Option[String]

Deprecated Value Members

  1. val contentSecurityPolicy: Option[String]
    Annotations
    @deprecated
    Deprecated

    (Since version 2.7.0) Please use play.filters.csp.CSPFilter

  2. def finalize(): Unit
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.Throwable]) @Deprecated
    Deprecated

    (Since version 9)

  3. def withContentSecurityPolicy(contentSecurityPolicy: Optional[String]): SecurityHeadersConfig
    Annotations
    @deprecated
    Deprecated

    (Since version 2.7.0) Please use play.filters.csp.CSPFilter

Inherited from Serializable

Inherited from Product

Inherited from Equals

Inherited from AnyRef

Inherited from Any

Ungrouped