Interface CspSettings
- All Known Implementing Classes:
- DefaultCspSettings
public interface CspSettings
CspSettings interface used by the 
CspInterceptor to add the CSP header to the response.
 The default implementation can be found in DefaultCspSettings.- See Also:
- 
Field SummaryFields
- 
Method SummaryModifier and TypeMethodDescriptionvoidaddCspHeaders(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) voidsetEnforcingMode(boolean value) Sets CSP headers in enforcing mode when true, and report-only when falsevoidsetReportTo(String group) Sets the report group where csp violation reports will be sentvoidsetReportUri(String uri) Sets the uri where csp violation reports will be sent
- 
Field Details- 
NONCE_RANDOM_LENGTHstatic final int NONCE_RANDOM_LENGTH- See Also:
 
- 
CSP_ENFORCE_HEADER- See Also:
 
- 
CSP_REPORT_HEADER- See Also:
 
- 
OBJECT_SRC- See Also:
 
- 
SCRIPT_SRC- See Also:
 
- 
BASE_URI- See Also:
 
- 
REPORT_URI- See Also:
 
- 
REPORT_TO- See Also:
 
- 
NONE- See Also:
 
- 
STRICT_DYNAMIC- See Also:
 
- 
HTTP- See Also:
 
- 
HTTPS- See Also:
 
- 
CSP_REPORT_TYPE- See Also:
 
 
- 
- 
Method Details- 
addCspHeadersvoid addCspHeaders(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) 
- 
setReportUriSets the uri where csp violation reports will be sent
- 
setReportToSets the report group where csp violation reports will be sent- Since:
- Struts 6.5.0
 
- 
setEnforcingModevoid setEnforcingMode(boolean value) Sets CSP headers in enforcing mode when true, and report-only when false
 
-