Packages

object ContentSourceRestriction

Linear Supertypes
Ordering
  1. Alphabetic
  2. By Inheritance
Inherited
  1. ContentSourceRestriction
  2. AnyRef
  3. Any
  1. Hide All
  2. Show All
Visibility
  1. Public
  2. All

Type Members

  1. case class Host (hostAndPath: String) extends GeneralSourceRestriction with Product with Serializable

    Indicates content from the given host path is allowed.

    Indicates content from the given host path is allowed. See the Content-Security-Policy spec's matching rules for host-source for more about what this can look like.

    Example:

    Host("https://base.*.example.com")
  2. case class Scheme (scheme: String) extends GeneralSourceRestriction with Product with Serializable

    Indicates content from the given scheme is allowed.

    Indicates content from the given scheme is allowed. The scheme should not include the trailing :.

    Example:

    Scheme("data")

Value Members

  1. final def !=(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  2. final def ##(): Int
    Definition Classes
    AnyRef → Any
  3. final def ==(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  4. final def asInstanceOf[T0]: T0
    Definition Classes
    Any
  5. def clone(): AnyRef
    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  6. final def eq(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  7. def equals(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  8. def finalize(): Unit
    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( classOf[java.lang.Throwable] )
  9. final def getClass(): Class[_]
    Definition Classes
    AnyRef → Any
  10. def hashCode(): Int
    Definition Classes
    AnyRef → Any
  11. final def isInstanceOf[T0]: Boolean
    Definition Classes
    Any
  12. final def ne(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  13. final def notify(): Unit
    Definition Classes
    AnyRef
  14. final def notifyAll(): Unit
    Definition Classes
    AnyRef
  15. final def synchronized[T0](arg0: ⇒ T0): T0
    Definition Classes
    AnyRef
  16. def toString(): String
    Definition Classes
    AnyRef → Any
  17. final def wait(): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  18. final def wait(arg0: Long, arg1: Int): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  19. final def wait(arg0: Long): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  20. object All extends GeneralSourceRestriction with Product with Serializable

    Indicates content from all sources is allowed.

  21. object None extends GeneralSourceRestriction with Product with Serializable

    Indicates content from no sources is allowed.

  22. object Self extends GeneralSourceRestriction with Product with Serializable

    Indicates content from the same origin as the content is allowed.

  23. object UnsafeEval extends JavaScriptSourceRestriction with Product with Serializable

    Indicates eval and related functionality can be used.

    Indicates eval and related functionality can be used. Some of Lift's functionality, including idMemoize and comet handling, relies on eval, so not including this in your script sources will mean you won't be able to use those.

    If not specified for JavaScript, invoking eval, the Function constructor, or setTimeout/setInterval with a string parameter will all throw security exceptions in a browser that supports content security policies.

  24. object UnsafeInline extends JavaScriptSourceRestriction with StylesheetSourceRestriction with Product with Serializable

    Indicates inline content on the page is allowed to be interpreted.

    Indicates inline content on the page is allowed to be interpreted. It is highly recommended that this not be used, as it exposes your application to cross-site scripting and other vulnerabilities.

    If not specified for JavaScript, JavaScript on* event handler attributes, <script> elements, and javascript: URIs will not be executed by a browser that supports content security policies.

    If not specified for stylesheets, <style> elements and inline style attributes will not be read by a browser that supports content security policies.

Inherited from AnyRef

Inherited from Any

Ungrouped