Class HeadersConfigurer.FrameOptionsConfig
java.lang.Object
org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.FrameOptionsConfig
- Enclosing class:
- HeadersConfigurer<H extends HttpSecurityBuilder<H>>
-
Method Summary
Modifier and TypeMethodDescriptionand()
Deprecated, for removal: This API element is subject to removal in a future version.For removal in 7.0.deny()
Specify to DENY framing any content from this application.disable()
Prevents the header from being added to the response.Specify to allow any request that comes from the same origin to frame this application.
-
Method Details
-
deny
Specify to DENY framing any content from this application.- Returns:
- the
HeadersConfigurer
for additional customization.
-
sameOrigin
Specify to allow any request that comes from the same origin to frame this application. For example, if the application was hosted on example.com, then example.com could frame the application, but evil.com could not frame the application.
- Returns:
- the
HeadersConfigurer
for additional customization.
-
disable
Prevents the header from being added to the response.- Returns:
- the
HeadersConfigurer
for additional configuration.
-
and
Deprecated, for removal: This API element is subject to removal in a future version.For removal in 7.0. UseHeadersConfigurer.frameOptions(Customizer)
orframeOptions(Customizer.withDefaults())
to stick with defaults. See the documentation for more details.Allows continuing customizing the headers configuration.- Returns:
- the
HeadersConfigurer
for additional configuration
-