public class HttpHeaderSecurityFilter extends FilterBase
sm| Constructor and Description | 
|---|
| HttpHeaderSecurityFilter() | 
| Modifier and Type | Method and Description | 
|---|---|
| void | doFilter(ServletRequest request,
        ServletResponse response,
        FilterChain chain)The  doFiltermethod of the Filter is called by the container
 each time a request/response pair is passed through the chain due to a
 client request for a resource at the end of the chain. | 
| String | getAntiClickJackingOption() | 
| String | getAntiClickJackingUri() | 
| int | getHstsMaxAgeSeconds() | 
| protected Log | getLogger() | 
| void | init(FilterConfig filterConfig)Iterates over the configuration parameters and either logs a warning,
 or throws an exception for any parameter that does not have a matching
 setter in this filter. | 
| boolean | isAntiClickJackingEnabled() | 
| boolean | isBlockContentTypeSniffingEnabled() | 
| protected boolean | isConfigProblemFatal()Determines if an exception when calling a setter or an unknown
 configuration attribute triggers the failure of the this filter which in
 turn will prevent the web application from starting. | 
| boolean | isHstsEnabled() | 
| boolean | isHstsIncludeSubDomains() | 
| boolean | isHstsPreload() | 
| boolean | isXssProtectionEnabled() | 
| void | setAntiClickJackingEnabled(boolean antiClickJackingEnabled) | 
| void | setAntiClickJackingOption(String antiClickJackingOption) | 
| void | setAntiClickJackingUri(String antiClickJackingUri) | 
| void | setBlockContentTypeSniffingEnabled(boolean blockContentTypeSniffingEnabled) | 
| void | setHstsEnabled(boolean hstsEnabled) | 
| void | setHstsIncludeSubDomains(boolean hstsIncludeSubDomains) | 
| void | setHstsMaxAgeSeconds(int hstsMaxAgeSeconds) | 
| void | setHstsPreload(boolean hstsPreload) | 
| void | setXssProtectionEnabled(boolean xssProtectionEnabled) | 
destroypublic void init(FilterConfig filterConfig) throws ServletException
FilterBaseinit in interface Filterinit in class FilterBasefilterConfig - The configuration information associated with the
                     filter instance being initialisedServletException - if FilterBase.isConfigProblemFatal() returns
                          true and a configured parameter does not
                          have a matching setterpublic void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
FilterdoFilter method of the Filter is called by the container
 each time a request/response pair is passed through the chain due to a
 client request for a resource at the end of the chain. The FilterChain
 passed in to this method allows the Filter to pass on the request and
 response to the next entity in the chain.
 
 A typical implementation of this method would follow the following
 pattern:- 
 1. Examine the request
 2. Optionally wrap the request object with a custom implementation to
 filter content or headers for input filtering 
 3. Optionally wrap the response object with a custom implementation to
 filter content or headers for output filtering 
 4. a) Either invoke the next entity in the chain using
 the FilterChain object (chain.doFilter()), 
 4. b) or not pass on the request/response pair to the
 next entity in the filter chain to block the request processing
 5. Directly set headers on the response after invocation of the next
 entity in the filter chain.
request - The request to processresponse - The response associated with the requestchain - Provides access to the next filter in the chain for this
                 filter to pass the request and response to for further
                 processingIOException - if an I/O error occurs during this filter's
                     processing of the requestServletException - if the processing fails for any other reasonprotected Log getLogger()
getLogger in class FilterBaseprotected boolean isConfigProblemFatal()
FilterBaseisConfigProblemFatal in class FilterBasetrue if a problem should trigger the failure of this
         filter, else falsepublic boolean isHstsEnabled()
public void setHstsEnabled(boolean hstsEnabled)
public int getHstsMaxAgeSeconds()
public void setHstsMaxAgeSeconds(int hstsMaxAgeSeconds)
public boolean isHstsIncludeSubDomains()
public void setHstsIncludeSubDomains(boolean hstsIncludeSubDomains)
public boolean isHstsPreload()
public void setHstsPreload(boolean hstsPreload)
public boolean isAntiClickJackingEnabled()
public void setAntiClickJackingEnabled(boolean antiClickJackingEnabled)
public String getAntiClickJackingOption()
public void setAntiClickJackingOption(String antiClickJackingOption)
public String getAntiClickJackingUri()
public boolean isBlockContentTypeSniffingEnabled()
public void setBlockContentTypeSniffingEnabled(boolean blockContentTypeSniffingEnabled)
public void setAntiClickJackingUri(String antiClickJackingUri)
public boolean isXssProtectionEnabled()
public void setXssProtectionEnabled(boolean xssProtectionEnabled)
Copyright © 2000-2020 Apache Software Foundation. All Rights Reserved.