/**
 * Applies the configured {@code SecurityProperties.Headers} to a headers configurer.
 * <p>
 * HSTS: unless the setting is {@code NONE}, an {@link HstsHeaderWriter} is registered;
 * {@code ALL} additionally sets {@code includeSubDomains}. The writer is matched
 * against every request, so the header is emitted even on plain-HTTP responses
 * (browsers only honour Strict-Transport-Security received over TLS, so this is
 * harmless but not useful there). Each remaining flag, when {@code false}, switches
 * off the corresponding default defensive header (X-Content-Type-Options,
 * X-XSS-Protection, Cache-Control, X-Frame-Options) — a hardening regression to
 * keep deliberate.
 *
 * @param configurer the headers configurer to adjust
 * @param headers    the header-related security properties
 * @throws Exception propagated from the configurer
 */
public static void configureHeaders(HeadersConfigurer<?> configurer, SecurityProperties.Headers headers) throws Exception {
    Headers.HSTS hstsMode = headers.getHsts();
    if (hstsMode != Headers.HSTS.NONE) {
        // Only ALL covers subdomains; DOMAIN restricts the policy to this host.
        HstsHeaderWriter hstsWriter = new HstsHeaderWriter(hstsMode == Headers.HSTS.ALL);
        hstsWriter.setRequestMatcher(AnyRequestMatcher.INSTANCE);
        configurer.addHeaderWriter(hstsWriter);
    }
    // Each of these headers is on by default in Spring Security; the flags opt out.
    if (!headers.isContentType()) {
        configurer.contentTypeOptions().disable();
    }
    if (!headers.isXss()) {
        configurer.xssProtection().disable();
    }
    if (!headers.isCache()) {
        configurer.cacheControl().disable();
    }
    if (!headers.isFrame()) {
        configurer.frameOptions().disable();
    }
}
/**
 * Wires the HTTP security chain: a REST-style authentication entry point, CSRF off,
 * an HSTS header writer, and the optional CAS and OAuth (pac4j callback) filters.
 * <p>
 * NOTE(review): {@code http.csrf().disable()} removes CSRF protection for every
 * endpoint. Confirm that is intended for the CAS (session-based) flow and not only
 * for token-authenticated API calls. The HSTS writer keeps its default request
 * matcher, which in Spring Security writes the header only on secure requests, and
 * {@code includeSubDomains} is off.
 *
 * @param http the security builder to configure
 * @throws Exception propagated from the builder
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.exceptionHandling().authenticationEntryPoint(restAuthenticationEntryPoint());
    http.csrf().disable();
    HstsHeaderWriter hstsWriter = new HstsHeaderWriter(false); // no includeSubDomains
    http.headers().addHeaderWriter(hstsWriter);
    if (casEnabled) {
        http.addFilter(casAuthenticationFilter());
        http.addFilter(casLogoutFilter());
    }
    boolean oauthEnabled = facebookEnabled || googleEnabled || twitterEnabled;
    if (oauthEnabled) {
        CallbackFilter callbackFilter = new CallbackFilter(oauthConfig());
        callbackFilter.setSuffix(OAUTH_CALLBACK_PATH_SUFFIX);
        // Post-login landing page for the OAuth callback.
        String callbackDefaultUrl = rootUrl + apiPath + "/";
        callbackFilter.setDefaultUrl(callbackDefaultUrl);
        http.addFilterAfter(callbackFilter, CasAuthenticationFilter.class);
    }
}
/**
 * Enables the standard defensive headers, sets X-Frame-Options to SAMEORIGIN and
 * registers an HSTS writer (no {@code includeSubDomains}) matched on every request.
 * <p>
 * Each call below acts on the same {@code headers} configurer, so the sequence is
 * the same as the chained {@code and()} form. SAMEORIGIN rather than DENY means the
 * application may frame its own pages; confirm nothing sensitive relies on DENY.
 *
 * @param headers the headers configurer to adjust
 * @throws Exception propagated from the configurer
 */
private static void configureHeaders(HeadersConfigurer<?> headers) throws Exception {
    HstsHeaderWriter hstsWriter = new HstsHeaderWriter(false);
    // Write the header regardless of whether the request arrived over TLS.
    hstsWriter.setRequestMatcher(AnyRequestMatcher.INSTANCE);
    headers.contentTypeOptions();
    headers.xssProtection();
    headers.cacheControl();
    headers.frameOptions().sameOrigin();
    headers.addHeaderWriter(hstsWriter);
}
/**
 * Enables the standard defensive headers, registers an HSTS writer (no
 * {@code includeSubDomains}) matched on every request, and leaves X-Frame-Options
 * explicitly enabled at Spring Security's default mode.
 * <p>
 * Each call below acts on the same {@code headers} configurer, so the sequence is
 * the same as the chained {@code and()} form; the trailing {@code frameOptions()}
 * only (re-)enables the header and configures nothing further.
 *
 * @param headers the headers configurer to adjust
 * @throws Exception propagated from the configurer
 */
private static void configureHeaders(HeadersConfigurer<?> headers) throws Exception {
    HstsHeaderWriter hstsWriter = new HstsHeaderWriter(false);
    // Write the header regardless of whether the request arrived over TLS.
    hstsWriter.setRequestMatcher(AnyRequestMatcher.INSTANCE);
    headers.contentTypeOptions();
    headers.xssProtection();
    headers.cacheControl();
    headers.addHeaderWriter(hstsWriter);
    headers.frameOptions();
}