io.jenkins.plugins.csp.ContentSecurityPolicyFilter

All Implemented Interfaces:: ExtensionPoint, HttpServletFilter

@Extension @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public class ContentSecurityPolicyFilter extends Object implements HttpServletFilter

Inject the CSP header based on ContentSecurityPolicyConfiguration into Jenkins views. The reporting URL is implemented by ContentSecurityPolicyRootAction. At the Filter level, Stapler Context information is not available. We later attempt to add Stapler Context information in ContentSecurityPolicyDecorator.

Nested Class Summary

Nested classes/interfaces inherited from interface hudson.ExtensionPoint
ExtensionPoint.LegacyInstancesAreScopedToHudson
Constructor Summary

Constructors

Constructor

Description

ContentSecurityPolicyFilter()
Method Summary

Modifier and Type

Method

Description

boolean

handle(jakarta.servlet.http.HttpServletRequest req, jakarta.servlet.http.HttpServletResponse rsp)

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- ContentSecurityPolicyFilter
  
  public ContentSecurityPolicyFilter()
Method Details
- handle
  
  @SuppressRestrictedWarnings(jenkins.security.ResourceDomainConfiguration.class) public boolean handle(jakarta.servlet.http.HttpServletRequest req, jakarta.servlet.http.HttpServletResponse rsp)
  
  Specified by:
  
  handle in interface HttpServletFilter

Class ContentSecurityPolicyFilter

Nested Class Summary

Nested classes/interfaces inherited from interface hudson.ExtensionPoint

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Details

ContentSecurityPolicyFilter

Method Details

handle