Class CSPHandler

java.lang.Object
io.vertx.reactivex.ext.web.handler.CSPHandler
All Implemented Interfaces:
Handler<RoutingContext>, io.vertx.lang.rx.RxDelegate, SecurityPolicyHandler
public class CSPHandler extends Object implements io.vertx.lang.rx.RxDelegate, SecurityPolicyHandler, Handler<RoutingContext>
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement to distribution of malware. CSP is designed to be fully backward compatible. Browsers that don't support it still work with servers that implement it, and vice-versa: browsers that don't support CSP simply ignore it, functioning as usual, defaulting to the standard same-origin policy for web content. If the site doesn't offer the CSP header, browsers likewise use the standard same-origin policy.

NOTE: This class has been automatically generated from the original non RX-ified interface using Vert.x codegen.

  • Field Details

    • __TYPE_ARG

      public static final io.vertx.lang.rx.TypeArg<CSPHandler> __TYPE_ARG

  • Constructor Details

    • CSPHandler

      public CSPHandler(CSPHandler delegate)

    • CSPHandler

      public CSPHandler(Object delegate)

  • Method Details

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • getDelegate

      public CSPHandler getDelegate()
      Specified by:
      getDelegate in interface io.vertx.lang.rx.RxDelegate
      Specified by:
      getDelegate in interface SecurityPolicyHandler

    • handle

      public void handle(RoutingContext event)
      Something has happened, so handle it.
      Specified by:
      handle in interface Handler<RoutingContext>
      Specified by:
      handle in interface SecurityPolicyHandler
      Parameters:
      event - the event to handle

    • create

      public static CSPHandler create()
      Creates a new instance of the handler.
      Returns:
      a new CSP handler.

    • setDirective

      public CSPHandler setDirective(String name, String value)
      Sets a single directive entry to the handler. All previously set or added directives will be replaced. For more information on directives see: Content-Security-Policy.
      Parameters:
      name - the directive name
      value - the directive value.
      Returns:
      fluent self

    • addDirective

      public CSPHandler addDirective(String name, String value)
      Adds a single directive entry to the handler. All previously set or added directives will be preserved. For more information on directives see: Content-Security-Policy.
      Parameters:
      name - the directive name
      value - the directive value.
      Returns:
      fluent self

    • setReportOnly

      public CSPHandler setReportOnly(boolean reportOnly)
      To ease deployment, CSP can be deployed in report-only mode. The policy is not enforced, but any violations are reported to a provided URI. Additionally, a report-only header can be used to test a future revision to a policy without actually deploying it.
      Parameters:
      reportOnly - enable report only
      Returns:
      fluent self.

    • newInstance

      public static CSPHandler newInstance(CSPHandler arg)