[struts-site] branch feature/csp-aware created (now 596d1ffed)
This is an automated email from the ASF dual-hosted git repository. lukaszlenart pushed a change to branch feature/csp-aware in repository https://gitbox.apache.org/repos/asf/struts-site.git at 596d1ffed Adds info how to use CspSettingAware interface This branch includes the following new commits: new 596d1ffed Adds info how to use CspSettingAware interface The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[struts-site] 01/01: Adds info how to use CspSettingAware interface
This is an automated email from the ASF dual-hosted git repository.
lukaszlenart pushed a commit to branch feature/csp-aware
in repository https://gitbox.apache.org/repos/asf/struts-site.git
commit 596d1ffede3c12de1684604e4b0575d29259a452
Author: Lukasz Lenart
AuthorDate: Tue Jul 18 09:12:19 2023 +0200
Adds info how to use CspSettingAware interface
---
source/core-developers/csp-interceptor.md | 22 ++
1 file changed, 22 insertions(+)
diff --git a/source/core-developers/csp-interceptor.md
b/source/core-developers/csp-interceptor.md
index b29584d4b..d112683cb 100644
--- a/source/core-developers/csp-interceptor.md
+++ b/source/core-developers/csp-interceptor.md
@@ -7,6 +7,10 @@ parent:
---
# Content Security Policy Interceptor
+{:.no_toc}
+
+* Will be replaced with the ToC, excluding a header
+{:toc}
## Description
@@ -27,6 +31,24 @@ CSP is now supported by all major browsers. [More
information about CSP](https:/
is going to be enforced.
- `reportUri` - an uri under, which the violations have to be reported.
+## Action aware
+
+Since Struts 6.2.0 it is possible to configure the CSP interceptor by
providing the an instance of `CspSettings` interface.
+Please use `CspSettingsAware` interface and implement the `getCspSettings()`
method to steer the policy per action.
+
+```java
+public class MyAction implements CspSettingsAware {
+
+public String execute() {
+return "success";
+}
+
+public CspSetting getCspSettings() {
+ ...
+}
+}
+```
+
## Examples
```xml
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository.
git-site-role pushed a commit to branch asf-staging
in repository https://gitbox.apache.org/repos/asf/struts-site.git
The following commit(s) were added to refs/heads/asf-staging by this push:
new 0e00ac482 Updates stage by Jenkins
0e00ac482 is described below
commit 0e00ac48206eeb57d340a980aabc30edc3272614
Author: jenkins
AuthorDate: Tue Jul 18 07:18:36 2023 +
Updates stage by Jenkins
---
content/core-developers/csp-interceptor.html | 26 +-
1 file changed, 25 insertions(+), 1 deletion(-)
diff --git a/content/core-developers/csp-interceptor.html
b/content/core-developers/csp-interceptor.html
index fae9c3ec8..d4d486fc1 100644
--- a/content/core-developers/csp-interceptor.html
+++ b/content/core-developers/csp-interceptor.html
@@ -131,7 +131,14 @@
<< back to
Interceptors
-Content Security Policy
Interceptor
+Content
Security Policy Interceptor
+
+
+ Description
+ Parameters
+ Action
aware
+ Examples
+
Description
@@ -154,6 +161,23 @@ is going to be enforced.
reportUri - an
uri under, which the violations have to be reported.
+Action aware
+
+Since Struts 6.2.0 it is possible to configure the CSP interceptor by
providing the an instance of CspSettings interface.
+Please use CspSettingsAware interface and implement the getCspSettings() method to
steer the policy per action.
+
+public class MyAction implements CspSettingsAware {
+
+public String execute() {
+return "success";
+}
+
+public CspSetting getCspSettings() {
+ ...
+}
+}
+
+
Examples
[struts-site] 01/01: Merge pull request #199 from apache/feature/csp-aware
This is an automated email from the ASF dual-hosted git repository. lukaszlenart pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/struts-site.git commit f194fbbaeb4bbccda99fb8bef2973c551141f7c2 Merge: cba3fd2cb 596d1ffed Author: Lukasz Lenart AuthorDate: Tue Jul 18 09:40:35 2023 +0200 Merge pull request #199 from apache/feature/csp-aware Adds info how to use CspSettingAware interface source/core-developers/csp-interceptor.md | 22 ++ 1 file changed, 22 insertions(+)
[struts-site] branch master updated (cba3fd2cb -> f194fbbae)
This is an automated email from the ASF dual-hosted git repository. lukaszlenart pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/struts-site.git from cba3fd2cb Fixes version note add 596d1ffed Adds info how to use CspSettingAware interface new f194fbbae Merge pull request #199 from apache/feature/csp-aware The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: source/core-developers/csp-interceptor.md | 22 ++ 1 file changed, 22 insertions(+)
[struts-site] branch feature/csp-aware deleted (was 596d1ffed)
This is an automated email from the ASF dual-hosted git repository. lukaszlenart pushed a change to branch feature/csp-aware in repository https://gitbox.apache.org/repos/asf/struts-site.git was 596d1ffed Adds info how to use CspSettingAware interface The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
[struts-site] branch asf-site updated: Automatic Site Publish by Buildbot
This is an automated email from the ASF dual-hosted git repository.
git-site-role pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/struts-site.git
The following commit(s) were added to refs/heads/asf-site by this push:
new ec39d5f26 Automatic Site Publish by Buildbot
ec39d5f26 is described below
commit ec39d5f263f7032f6049bb3c130d9fec1599def8
Author: buildbot
AuthorDate: Tue Jul 18 07:41:09 2023 +
Automatic Site Publish by Buildbot
---
output/core-developers/csp-interceptor.html | 26 +-
1 file changed, 25 insertions(+), 1 deletion(-)
diff --git a/output/core-developers/csp-interceptor.html
b/output/core-developers/csp-interceptor.html
index fae9c3ec8..d4d486fc1 100644
--- a/output/core-developers/csp-interceptor.html
+++ b/output/core-developers/csp-interceptor.html
@@ -131,7 +131,14 @@
<< back to
Interceptors
-Content Security Policy
Interceptor
+Content
Security Policy Interceptor
+
+
+ Description
+ Parameters
+ Action
aware
+ Examples
+
Description
@@ -154,6 +161,23 @@ is going to be enforced.
reportUri - an
uri under, which the violations have to be reported.
+Action aware
+
+Since Struts 6.2.0 it is possible to configure the CSP interceptor by
providing the an instance of CspSettings interface.
+Please use CspSettingsAware interface and implement the getCspSettings() method to
steer the policy per action.
+
+public class MyAction implements CspSettingsAware {
+
+public String execute() {
+return "success";
+}
+
+public CspSetting getCspSettings() {
+ ...
+}
+}
+
+
Examples
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new f2b539785 Updates stage by Jenkins f2b539785 is described below commit f2b5397859d82f501b013a3e5e223db3c9627b46 Author: jenkins AuthorDate: Tue Jul 18 07:44:42 2023 + Updates stage by Jenkins
