Interface AllowFromStrategy
-
- All Known Implementing Classes:
AbstractRequestParameterAllowFromStrategy
,RegExpAllowFromStrategy
,StaticAllowFromStrategy
,WhiteListedAllowFromStrategy
@Deprecated public interface AllowFromStrategy
Deprecated.ALLOW-FROM is an obsolete directive that no longer works in modern browsers. Instead use Content-Security-Policy with the frame-ancestors directive.Strategy interfaces used by theFrameOptionsHeaderWriter
to determine the actual value to use for the X-Frame-Options header when using the ALLOW-FROM directive.- Since:
- 3.2
-
-
Method Summary
All Methods Instance Methods Abstract Methods Deprecated Methods Modifier and Type Method Description java.lang.String
getAllowFromValue(javax.servlet.http.HttpServletRequest request)
Deprecated.Gets the value for ALLOW-FROM excluding the ALLOW-FROM.
-
-
-
Method Detail
-
getAllowFromValue
java.lang.String getAllowFromValue(javax.servlet.http.HttpServletRequest request)
Deprecated.Gets the value for ALLOW-FROM excluding the ALLOW-FROM. For example, the result might be "https://example.com/".- Parameters:
request
- theHttpServletRequest
- Returns:
- the value for ALLOW-FROM or null if no header should be added for this request.
-
-