java.lang.Object
- jetbrains.buildServer.web.HttpSecurityHeadersFilter

All Implemented Interfaces:

javax.servlet.Filter, ContentSecurityPolicyConfig
```
public class HttpSecurityHeadersFilter
extends Object
implements javax.servlet.Filter, ContentSecurityPolicyConfig
```
This is a filter which provides Content-Security-Policy header for TeamCity pages. Issues: https://youtrack.jetbrains.com/issue/TW-50060, https://youtrack.jetbrains.com/issue/TW-52682

Since:

2017.1.2 (19/10/16)

Author:

kir

Field Summary
- Fields inherited from interface jetbrains.buildServer.web.ContentSecurityPolicyConfig
  DIRECTIVE_NAMES

Constructor Summary

Constructors
Constructor Description

HttpSecurityHeadersFilter()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`void`	`addDirectiveItems(String directive, String... values)`
`void`	`addUnprotectedPath(String path)`
`void`	`destroy()`
`void`	`doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)`
`void`	`init(javax.servlet.FilterConfig filterConfig)`
`void`	`removeDirectiveItems(String directiveName, String... values)`	The method allows to remove directives added via `ContentSecurityPolicyConfig.addDirectiveItems(String, String...)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - HttpSecurityHeadersFilter
```
public HttpSecurityHeadersFilter()
```
- Method Detail
  - addUnprotectedPath
```
public void addUnprotectedPath(String path)
```
    Specified by:
    
    addUnprotectedPath in interface ContentSecurityPolicyConfig
    
    Parameters:
    
    path - a path for which the CSP header won't be created
    
    Since:
    
    2018.1
  - addDirectiveItems
```
public void addDirectiveItems(String directive,
                              String... values)
```
    Specified by:
    
    addDirectiveItems in interface ContentSecurityPolicyConfig
    
    Parameters:
    
    directive - related CSP directive, must be one of ContentSecurityPolicyConfig.DIRECTIVE_NAMES
    
    values - include quotes when needed, like "'self'"
  - removeDirectiveItems
```
public void removeDirectiveItems(String directiveName,
                                 String... values)
```
    Description copied from interface: ContentSecurityPolicyConfig
    
    The method allows to remove directives added via ContentSecurityPolicyConfig.addDirectiveItems(String, String...)
    
    Specified by:
    
    removeDirectiveItems in interface ContentSecurityPolicyConfig
    
    Parameters:
    
    directiveName - related CSP directive, must be one of ContentSecurityPolicyConfig.DIRECTIVE_NAMES
    
    values - include quotes when needed, like "'self'"
  - init
```
public void init(javax.servlet.FilterConfig filterConfig)
```
    Specified by:
    
    init in interface javax.servlet.Filter
  - doFilter
```
public void doFilter(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain chain)
              throws IOException,
                     javax.servlet.ServletException
```
    Specified by:
    
    doFilter in interface javax.servlet.Filter
    
    Throws:
    
    IOException
    
    javax.servlet.ServletException
  - destroy
```
public void destroy()
```
    Specified by:
    
    destroy in interface javax.servlet.Filter

Class HttpSecurityHeadersFilter

Field Summary

Fields inherited from interface jetbrains.buildServer.web.ContentSecurityPolicyConfig

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

HttpSecurityHeadersFilter

Method Detail

addUnprotectedPath

addDirectiveItems

removeDirectiveItems

init

doFilter

destroy