SecurityHeadersConfig

A type safe configuration object for setting security headers.

frameOptions: "X-Frame-Options":
xssProtection: "X-XSS-Protection":
contentTypeOptions: "X-Content-Type-Options"
permittedCrossDomainPolicies: "X-Permitted-Cross-Domain-Policies"
contentSecurityPolicy: "Content-Security-Policy" - this is deprecated in favor of the dedicated CSPFilter.
referrerPolicy: "Referrer-Policy"
allowActionSpecificHeaders: Allows specific headers

Source: SecurityHeadersFilter.scala

Linear Supertypes

Serializable, Serializable, Product, Equals, AnyRef, Any

Instance Constructors

new SecurityHeadersConfig()
new SecurityHeadersConfig(frameOptions: Option[String] = Some("DENY"), xssProtection: Option[String] = Some("1; mode=block"), contentTypeOptions: Option[String] = Some("nosniff"), permittedCrossDomainPolicies: Option[String] = Some("master-only"), contentSecurityPolicy: Option[String] = None, referrerPolicy: Option[String] = ..., allowActionSpecificHeaders: Boolean = false)

frameOptions
"X-Frame-Options":
xssProtection
"X-XSS-Protection":
contentTypeOptions
"X-Content-Type-Options"
permittedCrossDomainPolicies
"X-Permitted-Cross-Domain-Policies"
contentSecurityPolicy
"Content-Security-Policy" - this is deprecated in favor of the dedicated CSPFilter.
referrerPolicy
"Referrer-Policy"
allowActionSpecificHeaders
Allows specific headers

Value Members

final def !=(arg0: Any): Boolean

Definition Classes
AnyRef → Any
final def ##(): Int

Definition Classes
AnyRef → Any
final def ==(arg0: Any): Boolean

Definition Classes
AnyRef → Any
val allowActionSpecificHeaders: Boolean

Allows specific headers
final def asInstanceOf[T0]: T0

Definition Classes
Any
def clone(): AnyRef

Attributes
protected[java.lang]
Definition Classes
AnyRef
Annotations
@throws( ... )
val contentTypeOptions: Option[String]

"X-Content-Type-Options"
final def eq(arg0: AnyRef): Boolean

Definition Classes
AnyRef
def finalize(): Unit

Attributes
protected[java.lang]
Definition Classes
AnyRef
Annotations
@throws( classOf[java.lang.Throwable] )
val frameOptions: Option[String]

"X-Frame-Options":
final def getClass(): Class[_]

Definition Classes
AnyRef → Any
final def isInstanceOf[T0]: Boolean

Definition Classes
Any
final def ne(arg0: AnyRef): Boolean

Definition Classes
AnyRef
final def notify(): Unit

Definition Classes
AnyRef
final def notifyAll(): Unit

Definition Classes
AnyRef
val permittedCrossDomainPolicies: Option[String]

"X-Permitted-Cross-Domain-Policies"
val referrerPolicy: Option[String]

"Referrer-Policy"
final def synchronized[T0](arg0: ⇒ T0): T0

Definition Classes
AnyRef
final def wait(): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
final def wait(arg0: Long, arg1: Int): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
final def wait(arg0: Long): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
def withContentTypeOptions(contentTypeOptions: Optional[String]): SecurityHeadersConfig
def withFrameOptions(frameOptions: Optional[String]): SecurityHeadersConfig
def withPermittedCrossDomainPolicies(permittedCrossDomainPolicies: Optional[String]): SecurityHeadersConfig
def withReferrerPolicy(referrerPolicy: Optional[String]): SecurityHeadersConfig
def withXssProtection(xssProtection: Optional[String]): SecurityHeadersConfig
val xssProtection: Option[String]

"X-XSS-Protection":

Deprecated Value Members

val contentSecurityPolicy: Option[String]

"Content-Security-Policy" - this is deprecated in favor of the dedicated CSPFilter.
"Content-Security-Policy" - this is deprecated in favor of the dedicated CSPFilter.

Annotations
@deprecated
Deprecated
(Since version 2.7.0) Please use play.filters.csp.CSPFilter
def withContentSecurityPolicy(contentSecurityPolicy: Optional[String]): SecurityHeadersConfig

Annotations
@deprecated
Deprecated
(Since version 2.7.0) Please use play.filters.csp.CSPFilter

Related Docs: object SecurityHeadersConfig | package headers

Instance Constructors

new SecurityHeadersConfig()

Value Members

final def !=(arg0: Any): Boolean

final def ##(): Int

final def ==(arg0: Any): Boolean

val allowActionSpecificHeaders: Boolean

final def asInstanceOf[T0]: T0

def clone(): AnyRef

val contentTypeOptions: Option[String]

final def eq(arg0: AnyRef): Boolean

def finalize(): Unit

val frameOptions: Option[String]

final def getClass(): Class[_]

final def isInstanceOf[T0]: Boolean

final def ne(arg0: AnyRef): Boolean

final def notify(): Unit

final def notifyAll(): Unit

val permittedCrossDomainPolicies: Option[String]

val referrerPolicy: Option[String]

final def synchronized[T0](arg0: ⇒ T0): T0

final def wait(): Unit

final def wait(arg0: Long, arg1: Int): Unit

final def wait(arg0: Long): Unit

def withContentTypeOptions(contentTypeOptions: Optional[String]): SecurityHeadersConfig

def withFrameOptions(frameOptions: Optional[String]): SecurityHeadersConfig

def withPermittedCrossDomainPolicies(permittedCrossDomainPolicies: Optional[String]): SecurityHeadersConfig

def withReferrerPolicy(referrerPolicy: Optional[String]): SecurityHeadersConfig

def withXssProtection(xssProtection: Optional[String]): SecurityHeadersConfig

val xssProtection: Option[String]

Deprecated Value Members

val contentSecurityPolicy: Option[String]

def withContentSecurityPolicy(contentSecurityPolicy: Optional[String]): SecurityHeadersConfig

Inherited from Serializable

Inherited from Serializable

Inherited from Product

Inherited from Equals

Inherited from AnyRef

Inherited from Any

Ungrouped