Interface CspHelper


public interface CspHelper
Helpers for working with CSP.
  • Method Summary

    Modifier and Type
    Method
    Description
    void
    Add `Content-Security-Policy` header to the response using the configured template.
    Get the generated nonce of the current HTTP response.
    Get the template used for the `Content-Security-Policy` header value, can contain placeholders for the nonce.
    boolean
    Returns true if the configured CSP template contains the `{{ NONCE }}` placeholder for the nonce.
  • Method Details

    • getTemplate

      String getTemplate()
      Get the template used for the `Content-Security-Policy` header value, can contain placeholders for the nonce.
      Returns:
      the CSP header template
    • getNonce

      String getNonce(IMxRuntimeResponse response)
      Get the generated nonce of the current HTTP response.
      Parameters:
      response - current response object
      Returns:
      the nonce
    • hasNonce

      boolean hasNonce(IMxRuntimeResponse response)
      Returns true if the configured CSP template contains the `{{ NONCE }}` placeholder for the nonce.
      Parameters:
      response - current response object
      Returns:
      true if the CSP template contains the nonce placeholder, false otherwise
    • addHeader

      void addHeader(IMxRuntimeResponse response)
      Add `Content-Security-Policy` header to the response using the configured template.
      Parameters:
      response - current response object.