Class CSPHandler
- java.lang.Object
-
- io.vertx.reactivex.ext.web.handler.CSPHandler
-
- All Implemented Interfaces:
Handler<RoutingContext>,SecurityPolicyHandler
public class CSPHandler extends Object implements SecurityPolicyHandler, Handler<RoutingContext>
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement to distribution of malware. CSP is designed to be fully backward compatible. Browsers that don't support it still work with servers that implement it, and vice-versa: browsers that don't support CSP simply ignore it, functioning as usual, defaulting to the standard same-origin policy for web content. If the site doesn't offer the CSP header, browsers likewise use the standard same-origin policy. NOTE: This class has been automatically generated from theoriginalnon RX-ified interface using Vert.x codegen.
-
-
Field Summary
Fields Modifier and Type Field Description static TypeArg<CSPHandler>__TYPE_ARG
-
Constructor Summary
Constructors Constructor Description CSPHandler(CSPHandler delegate)CSPHandler(Object delegate)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description CSPHandleraddDirective(String name, String value)Adds a single directive entry to the handler.static CSPHandlercreate()Creates a new instance of the handler.booleanequals(Object o)CSPHandlergetDelegate()voidhandle(RoutingContext event)Something has happened, so handle it.inthashCode()static CSPHandlernewInstance(CSPHandler arg)CSPHandlersetDirective(String name, String value)Sets a single directive entry to the handler.CSPHandlersetReportOnly(boolean reportOnly)To ease deployment, CSP can be deployed in report-only mode.StringtoString()
-
-
-
Field Detail
-
__TYPE_ARG
public static final TypeArg<CSPHandler> __TYPE_ARG
-
-
Constructor Detail
-
CSPHandler
public CSPHandler(CSPHandler delegate)
-
CSPHandler
public CSPHandler(Object delegate)
-
-
Method Detail
-
getDelegate
public CSPHandler getDelegate()
- Specified by:
getDelegatein interfaceSecurityPolicyHandler
-
handle
public void handle(RoutingContext event)
Something has happened, so handle it.- Specified by:
handlein interfaceHandler<RoutingContext>- Specified by:
handlein interfaceSecurityPolicyHandler- Parameters:
event- the event to handle
-
create
public static CSPHandler create()
Creates a new instance of the handler.- Returns:
- a new CSP handler.
-
setDirective
public CSPHandler setDirective(String name, String value)
Sets a single directive entry to the handler. All previously set or added directives will be replaced. For more information on directives see: Content-Security-Policy.- Parameters:
name- the directive namevalue- the directive value.- Returns:
- fluent self
-
addDirective
public CSPHandler addDirective(String name, String value)
Adds a single directive entry to the handler. All previously set or added directives will be preserved. For more information on directives see: Content-Security-Policy.- Parameters:
name- the directive namevalue- the directive value.- Returns:
- fluent self
-
setReportOnly
public CSPHandler setReportOnly(boolean reportOnly)
To ease deployment, CSP can be deployed in report-only mode. The policy is not enforced, but any violations are reported to a provided URI. Additionally, a report-only header can be used to test a future revision to a policy without actually deploying it.- Parameters:
reportOnly- enable report only- Returns:
- fluent self.
-
newInstance
public static CSPHandler newInstance(CSPHandler arg)
-
-