Attributes
- Companion
- trait
- Graph
-
- Supertypes
- Self type
Members list
Type members
Classlikes
Indicates content from all sources is allowed.
Indicates content from all sources is allowed.
Attributes
- Supertypes
-
trait Singletontrait Producttrait Mirrortrait Serializabletrait Producttrait Equalstrait GeneralSourceRestrictiontrait ContentSourceRestrictionclass Objecttrait Matchableclass AnyShow all
- Self type
-
All.type
Indicates content from the given host path is allowed. See the Content-Security-Policy spec's matching rules for `host-source` for more about what this can look like.
Indicates content from the given host path is allowed. See the Content-Security-Policy spec's matching rules for `host-source` for more about what this can look like.
Example:
Host("https://base.*.example.com")
Attributes
- Supertypes
-
trait Serializabletrait Producttrait Equalstrait GeneralSourceRestrictiontrait ContentSourceRestrictionclass Objecttrait Matchableclass AnyShow all
Indicates content from no sources is allowed.
Indicates content from no sources is allowed.
Attributes
- Supertypes
-
trait Singletontrait Producttrait Mirrortrait Serializabletrait Producttrait Equalstrait GeneralSourceRestrictiontrait ContentSourceRestrictionclass Objecttrait Matchableclass AnyShow all
- Self type
-
None.type
Indicates content from the given scheme is allowed. The scheme should not include the trailing :.
Indicates content from the given scheme is allowed. The scheme should not include the trailing :.
Example:
Scheme("data")
Attributes
- Supertypes
-
trait Serializabletrait Producttrait Equalstrait GeneralSourceRestrictiontrait ContentSourceRestrictionclass Objecttrait Matchableclass AnyShow all
Indicates content from the same origin as the content is allowed.
Indicates content from the same origin as the content is allowed.
Attributes
- Supertypes
-
trait Singletontrait Producttrait Mirrortrait Serializabletrait Producttrait Equalstrait GeneralSourceRestrictiontrait ContentSourceRestrictionclass Objecttrait Matchableclass AnyShow all
- Self type
-
Self.type
Indicates eval and related functionality can be used. Some of Lift's functionality, including idMemoize and comet handling, relies on eval, so not including this in your script sources will mean you won't be able to use those.
Indicates eval and related functionality can be used. Some of Lift's functionality, including idMemoize and comet handling, relies on eval, so not including this in your script sources will mean you won't be able to use those.
If not specified for JavaScript, invoking eval, the Function constructor, or setTimeout/setInterval with a string parameter will all throw security exceptions in a browser that supports content security policies.
Attributes
- Supertypes
- Self type
-
UnsafeEval.type
Indicates inline content on the page is allowed to be interpreted. It is highly recommended that this not be used, as it exposes your application to cross-site scripting and other vulnerabilities.
Indicates inline content on the page is allowed to be interpreted. It is highly recommended that this not be used, as it exposes your application to cross-site scripting and other vulnerabilities.
If not specified for JavaScript, JavaScript on* event handler attributes, <script> elements, and javascript: URIs will not be executed by a browser that supports content security policies.
If not specified for stylesheets, <style> elements and inline style attributes will not be read by a browser that supports content security policies.
Attributes
- Supertypes
- Self type
-
UnsafeInline.type
Inherited and Abstract types
The names of the product elements
The name of the type