Class AddResponseHeadersFilter
- java.lang.Object
-
- org.apereo.cas.web.support.filters.AbstractSecurityFilter
-
- org.apereo.cas.web.support.filters.AddResponseHeadersFilter
-
- All Implemented Interfaces:
javax.servlet.Filter
public class AddResponseHeadersFilter extends AbstractSecurityFilter implements javax.servlet.Filter
Allows users to easily inject the default security headers to assist in protecting the application. The default for is to include the following headers: <pre> Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=15768000 ; includeSubDomains X-Frame-Options: DENY X-XSS-Protection: 1; mode=block </pre>- Since:
- 6.1.0
-
-
Field Summary
-
Fields inherited from class org.apereo.cas.web.support.filters.AbstractSecurityFilter
THROW_ON_ERROR
-
-
Constructor Summary
Constructors Constructor Description AddResponseHeadersFilter()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voiddestroy()voiddoFilter(javax.servlet.ServletRequest servletRequest, javax.servlet.ServletResponse servletResponse, javax.servlet.FilterChain filterChain)voidinit(javax.servlet.FilterConfig filterConfig)-
Methods inherited from class org.apereo.cas.web.support.filters.AbstractSecurityFilter
isThrowOnErrors, logException, setThrowOnErrors
-
-
-
-
Method Detail
-
init
public void init(javax.servlet.FilterConfig filterConfig)
- Specified by:
initin interfacejavax.servlet.Filter
-
doFilter
public void doFilter(javax.servlet.ServletRequest servletRequest, javax.servlet.ServletResponse servletResponse, javax.servlet.FilterChain filterChain) throws java.io.IOException, javax.servlet.ServletException- Specified by:
doFilterin interfacejavax.servlet.Filter- Throws:
java.io.IOExceptionjavax.servlet.ServletException
-
destroy
public void destroy()
- Specified by:
destroyin interfacejavax.servlet.Filter
-
-