andreacavalli/netty5
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add content-security-policy and x-frame-options to HttpHeaderNames

Browse Source 
Motivation:

These headers can be used to prevent clickjacking.

Modifications:

Add static fields for content-security-policy and x-frame-options

Result:

Expose general useful names
This commit is contained in:
Norman Maurer 2017-06-26 11:24:56 +02:00
parent 42789d43de
commit cc1a209185
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
codec-http/src/main/java/io/netty/handler/codec/http/HttpHeaderNames.java
View File

@ -144,6 +144,10 @@ public final class HttpHeaderNames {
* {@code "content-range"}
*/
public static final AsciiString CONTENT_RANGE = new AsciiString("content-range");
/**
* {@code "content-security-policy"}
*/
public static final CharSequence CONTENT_SECURITY_POLICY = new AsciiString("content-security-policy");
/**
* {@code "content-type"}
*/
@ -346,6 +350,10 @@ public final class HttpHeaderNames {
* {@code "www-authenticate"}
*/
public static final AsciiString WWW_AUTHENTICATE = new AsciiString("www-authenticate");
/**
* {@code "x-frame-options"}
*/
public static final CharSequence X_FRAME_OPTIONS = new AsciiString("x-frame-options");
private HttpHeaderNames() { }
}