Packages

case class SecurityHeadersConfig(frameOptions: Option[String] = Some("DENY"), xssProtection: Option[String] = Some("1; mode=block"), contentTypeOptions: Option[String] = Some("nosniff"), permittedCrossDomainPolicies: Option[String] = Some("master-only"), contentSecurityPolicy: Option[String] = None, referrerPolicy: Option[String] = Some("origin-when-cross-origin, strict-origin-when-cross-origin"), allowActionSpecificHeaders: Boolean = false) extends Product with Serializable

A type safe configuration object for setting security headers.

frameOptions

"X-Frame-Options":

xssProtection

"X-XSS-Protection":

contentTypeOptions

"X-Content-Type-Options"

permittedCrossDomainPolicies

"X-Permitted-Cross-Domain-Policies"

contentSecurityPolicy

"Content-Security-Policy" - this is deprecated in favor of the dedicated CSPFilter.

referrerPolicy

"Referrer-Policy"

allowActionSpecificHeaders

Allows specific headers

Source
SecurityHeadersFilter.scala
Linear Supertypes
Serializable, Product, Equals, AnyRef, Any
Ordering
  1. Alphabetic
  2. By Inheritance
Inherited
  1. SecurityHeadersConfig
  2. Serializable
  3. Product
  4. Equals
  5. AnyRef
  6. Any
  1. Hide All
  2. Show All
Visibility
  1. Public
  2. Protected

Instance Constructors

  1. new SecurityHeadersConfig()
  2. new SecurityHeadersConfig(frameOptions: Option[String] = Some("DENY"), xssProtection: Option[String] = Some("1; mode=block"), contentTypeOptions: Option[String] = Some("nosniff"), permittedCrossDomainPolicies: Option[String] = Some("master-only"), contentSecurityPolicy: Option[String] = None, referrerPolicy: Option[String] = Some("origin-when-cross-origin, strict-origin-when-cross-origin"), allowActionSpecificHeaders: Boolean = false)

    frameOptions

    "X-Frame-Options":

    xssProtection

    "X-XSS-Protection":

    contentTypeOptions

    "X-Content-Type-Options"

    permittedCrossDomainPolicies

    "X-Permitted-Cross-Domain-Policies"

    contentSecurityPolicy

    "Content-Security-Policy" - this is deprecated in favor of the dedicated CSPFilter.

    referrerPolicy

    "Referrer-Policy"

    allowActionSpecificHeaders

    Allows specific headers

Value Members

  1. val allowActionSpecificHeaders: Boolean
  2. val contentTypeOptions: Option[String]
  3. val frameOptions: Option[String]
  4. val permittedCrossDomainPolicies: Option[String]
  5. def productElementNames: Iterator[String]
    Definition Classes
    Product
  6. val referrerPolicy: Option[String]
  7. def withContentTypeOptions(contentTypeOptions: Optional[String]): SecurityHeadersConfig
  8. def withFrameOptions(frameOptions: Optional[String]): SecurityHeadersConfig
  9. def withPermittedCrossDomainPolicies(permittedCrossDomainPolicies: Optional[String]): SecurityHeadersConfig
  10. def withReferrerPolicy(referrerPolicy: Optional[String]): SecurityHeadersConfig
  11. def withXssProtection(xssProtection: Optional[String]): SecurityHeadersConfig
  12. val xssProtection: Option[String]

Deprecated Value Members

  1. val contentSecurityPolicy: Option[String]
    Annotations
    @deprecated
    Deprecated

    (Since version 2.7.0) Please use play.filters.csp.CSPFilter

  2. def withContentSecurityPolicy(contentSecurityPolicy: Optional[String]): SecurityHeadersConfig
    Annotations
    @deprecated
    Deprecated

    (Since version 2.7.0) Please use play.filters.csp.CSPFilter