Package com.atlassian.bamboo.filter
Class BambooHttpHeaderSecurityFilter
java.lang.Object
com.atlassian.bamboo.filter.BambooHttpHeaderSecurityFilter
- All Implemented Interfaces:
javax.servlet.Filter
A servlet filter that adds security headers to HTTP responses
This filter is responsible for adding the following headers to secure from certain types of attacks:
+ HTTP Strict Transport Security (HSTS) - Man-in-the-middle attacks (MITM)
+ X-XSS-Protection - Cross-site scripting (XSS)
+ X-Frame-Options - Clickjacking attacks
+ X-Content-Type-Options - MIME-sniffing vulnerabilities
+ Content-Security-Policy - Various attack mitigation
+ Referrer-Policy - Control referrer information
+ Permissions-Policy - Control feature usage
-
Field Details
-
DEFAULT_CSP_VALUE
-
DEFAULT_PERMISSIONS_POLICY_VALUE
-
DEFAULT_REFERRER_POLICY_VALUE
- See Also:
-
DEFAULT_X_FRAME_OPTIONS_VALUE
- See Also:
-
DEFAULT_X_CONTENT_TYPE_OPTIONS_VALUE
- See Also:
-
DEFAULT_XSS_PROTECTION_VALUE
- See Also:
-
-
Constructor Details
-
BambooHttpHeaderSecurityFilter
public BambooHttpHeaderSecurityFilter()
-
-
Method Details
-
destroy
public void destroy()- Specified by:
destroyin interfacejavax.servlet.Filter
-
init
public void init(javax.servlet.FilterConfig filterConfig) throws javax.servlet.ServletException - Specified by:
initin interfacejavax.servlet.Filter- Throws:
javax.servlet.ServletException
-
doFilter
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException - Specified by:
doFilterin interfacejavax.servlet.Filter- Throws:
IOExceptionjavax.servlet.ServletException
-