Class SecurityHeaders.Builder
java.lang.Object
cloud.opencode.base.web.security.SecurityHeaders.Builder
- Enclosing class:
SecurityHeaders
Builder for SecurityHeaders - fluent API for constructing security header sets.
SecurityHeaders 构建器 - 用于构建安全头部集的流式 API。
- Since:
- JDK 25, opencode-base-web V1.0.3
- Author:
- Leon Soo www.LeonSoo.com
-
Method Summary
Modifier and TypeMethodDescriptionbuild()Builds the SecurityHeaders.contentSecurityPolicy(String policy) Sets the Content-Security-Policy header.crossOriginEmbedderPolicy(String policy) Sets the Cross-Origin-Embedder-Policy header.crossOriginOpenerPolicy(String policy) Sets the Cross-Origin-Opener-Policy header.permissionsPolicy(String policy) Sets the Permissions-Policy header.Sets the Referrer-Policy header.strictTransportSecurity(long maxAge, boolean includeSubDomains) Sets the Strict-Transport-Security header.Sets the X-Content-Type-Options header to "nosniff".Sets the X-Frame-Options header.Sets the X-XSS-Protection header to "0" (modern best practice: disable browser XSS filter).
-
Method Details
-
contentSecurityPolicy
Sets the Content-Security-Policy header. 设置 Content-Security-Policy 头部。- Parameters:
policy- the CSP policy string - CSP 策略字符串- Returns:
- this builder - 此构建器
-
strictTransportSecurity
Sets the Strict-Transport-Security header. 设置 Strict-Transport-Security 头部。- Parameters:
maxAge- the max age in seconds - 最大时间(秒)includeSubDomains- whether to include subdomains - 是否包含子域名- Returns:
- this builder - 此构建器
- Throws:
IllegalArgumentException- if maxAge is negative - 如果 maxAge 为负数
-
xFrameOptions
Sets the X-Frame-Options header. 设置 X-Frame-Options 头部。- Parameters:
option- the frame option - 框架选项- Returns:
- this builder - 此构建器
-
xContentTypeOptions
Sets the X-Content-Type-Options header to "nosniff". 设置 X-Content-Type-Options 头部为 "nosniff"。- Returns:
- this builder - 此构建器
-
xXssProtection
Sets the X-XSS-Protection header to "0" (modern best practice: disable browser XSS filter). 设置 X-XSS-Protection 头部为 "0"(现代最佳实践:禁用浏览器 XSS 过滤器)。- Returns:
- this builder - 此构建器
-
referrerPolicy
Sets the Referrer-Policy header. 设置 Referrer-Policy 头部。- Parameters:
policy- the referrer policy - 来源策略- Returns:
- this builder - 此构建器
-
permissionsPolicy
Sets the Permissions-Policy header. 设置 Permissions-Policy 头部。- Parameters:
policy- the permissions policy string - 权限策略字符串- Returns:
- this builder - 此构建器
-
crossOriginEmbedderPolicy
Sets the Cross-Origin-Embedder-Policy header. 设置 Cross-Origin-Embedder-Policy 头部。- Parameters:
policy- the COEP value (e.g., "require-corp", "unsafe-none") - COEP 值- Returns:
- this builder - 此构建器
-
crossOriginOpenerPolicy
Sets the Cross-Origin-Opener-Policy header. 设置 Cross-Origin-Opener-Policy 头部。- Parameters:
policy- the COOP value (e.g., "same-origin", "same-origin-allow-popups") - COOP 值- Returns:
- this builder - 此构建器
-
build
Builds the SecurityHeaders. 构建 SecurityHeaders。- Returns:
- the SecurityHeaders - SecurityHeaders 实例
-