Class StaticAllowFromStrategy
java.lang.Object
org.springframework.security.web.header.writers.frameoptions.StaticAllowFromStrategy
- All Implemented Interfaces:
AllowFromStrategy
Deprecated.
ALLOW-FROM is an obsolete directive that no longer works in modern
browsers. Instead use Content-Security-Policy with the frame-ancestors
directive.
Simple implementation of the
AllowFromStrategy
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptiongetAllowFromValue
(jakarta.servlet.http.HttpServletRequest request) Deprecated.Gets the value for ALLOW-FROM excluding the ALLOW-FROM.
-
Constructor Details
-
StaticAllowFromStrategy
Deprecated.
-
-
Method Details
-
getAllowFromValue
Deprecated.Description copied from interface:AllowFromStrategy
Gets the value for ALLOW-FROM excluding the ALLOW-FROM. For example, the result might be "https://example.com/".- Specified by:
getAllowFromValue
in interfaceAllowFromStrategy
- Parameters:
request
- theHttpServletRequest
- Returns:
- the value for ALLOW-FROM or null if no header should be added for this request.
-