Class ContentSecurityPolicyProvider
- java.lang.Object
-
- org.camunda.bpm.webapp.impl.security.filter.headersec.provider.HeaderSecurityProvider
-
- org.camunda.bpm.webapp.impl.security.filter.headersec.provider.impl.ContentSecurityPolicyProvider
-
public class ContentSecurityPolicyProvider extends HeaderSecurityProvider
-
-
Field Summary
Fields Modifier and Type Field Description static String
ATTR_CSP_FILTER_NONCE
static String
DISABLED_PARAM
static Base64.Encoder
ENCODER
static String
HEADER_DEFAULT_VALUE
static String
HEADER_NAME
static String
HEADER_NONCE_PLACEHOLDER
static String
VALUE_PARAM
-
Fields inherited from class org.camunda.bpm.webapp.impl.security.filter.headersec.provider.HeaderSecurityProvider
disabled, initParams, value
-
-
Constructor Summary
Constructors Constructor Description ContentSecurityPolicyProvider()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected String
generateNonce()
String
getHeaderName()
String
getHeaderValue(javax.servlet.ServletContext servletContext)
Map<String,String>
initParams()
protected String
normalizeString(String value)
void
parseParams()
-
Methods inherited from class org.camunda.bpm.webapp.impl.security.filter.headersec.provider.HeaderSecurityProvider
isDisabled, setDisabled, setValue
-
-
-
-
Field Detail
-
HEADER_NAME
public static final String HEADER_NAME
- See Also:
- Constant Field Values
-
HEADER_NONCE_PLACEHOLDER
public static final String HEADER_NONCE_PLACEHOLDER
- See Also:
- Constant Field Values
-
HEADER_DEFAULT_VALUE
public static final String HEADER_DEFAULT_VALUE
- See Also:
- Constant Field Values
-
DISABLED_PARAM
public static final String DISABLED_PARAM
- See Also:
- Constant Field Values
-
VALUE_PARAM
public static final String VALUE_PARAM
- See Also:
- Constant Field Values
-
ATTR_CSP_FILTER_NONCE
public static final String ATTR_CSP_FILTER_NONCE
- See Also:
- Constant Field Values
-
ENCODER
public static final Base64.Encoder ENCODER
-
-
Method Detail
-
initParams
public Map<String,String> initParams()
- Specified by:
initParams
in classHeaderSecurityProvider
-
parseParams
public void parseParams()
- Specified by:
parseParams
in classHeaderSecurityProvider
-
getHeaderName
public String getHeaderName()
- Specified by:
getHeaderName
in classHeaderSecurityProvider
-
getHeaderValue
public String getHeaderValue(javax.servlet.ServletContext servletContext)
- Overrides:
getHeaderValue
in classHeaderSecurityProvider
-
generateNonce
protected String generateNonce()
-
-