Interface ContentSecurityPolicyNonceProvider


public interface ContentSecurityPolicyNonceProvider
Author:
Iván Zaera Avellón
  • Method Summary

    Modifier and Type
    Method
    Description
    getNonce(javax.servlet.http.HttpServletRequest httpServletRequest)
    Get the nonce associated to a request.
  • Method Details

    • getNonce

      String getNonce(javax.servlet.http.HttpServletRequest httpServletRequest)
      Get the nonce associated to a request. If the request is not available a fallback ThreadLocal managed by the ContentSecurityPolicyFilter is used instead. It is strongly discouraged to make the provider use the ThreadLocal if the request can be obtained by any mean in the calling code.
      Parameters:
      httpServletRequest - the current request or null if not available
      Returns:
      the nonce or "" if CSP is not active