Packages

final case class SecurityRules(https: Option[HttpsRules] = None, content: Option[ContentSecurityPolicy] = Some(ContentSecurityPolicy()), frameRestrictions: Option[FrameRestrictions] = Some(FrameRestrictions.SameOrigin), enforceInOtherModes: Boolean = false, logInOtherModes: Boolean = true, enforceInDevMode: Boolean = false, logInDevMode: Boolean = true) extends Product with Serializable

Specifies security rules for a Lift application. By default, HTTPS is not required and Content-Security-Policy is restricted to the current domain for everything except images, which are accepted from any domain. Additionally, served pages can only be embedded in other frames from the current domain.

You can use SecurityRules.secure to enable more restrictive, but also more secure, defaults.

enforceInDevMode

If true, security policies and HTTPS rules are enforced in dev mode in addition to staging/pilot/production/etc.

logInDevMode

If true, dev mode violations of security policies are logged by default. Note that if you override LiftRules.contentSecurityPolicyViolationReport or otherwise change the default Lift policy violation handling behavior, it will be up to you to handle this property as desired.

Linear Supertypes
Ordering
  1. Alphabetic
  2. By Inheritance
Inherited
  1. SecurityRules
  2. Serializable
  3. Serializable
  4. Product
  5. Equals
  6. AnyRef
  7. Any
  1. Hide All
  2. Show All
Visibility
  1. Public
  2. All

Instance Constructors

  1. new SecurityRules(https: Option[HttpsRules] = None, content: Option[ContentSecurityPolicy] = Some(ContentSecurityPolicy()), frameRestrictions: Option[FrameRestrictions] = Some(FrameRestrictions.SameOrigin), enforceInOtherModes: Boolean = false, logInOtherModes: Boolean = true, enforceInDevMode: Boolean = false, logInDevMode: Boolean = true)

    enforceInDevMode

    If true, security policies and HTTPS rules are enforced in dev mode in addition to staging/pilot/production/etc.

    logInDevMode

    If true, dev mode violations of security policies are logged by default. Note that if you override LiftRules.contentSecurityPolicyViolationReport or otherwise change the default Lift policy violation handling behavior, it will be up to you to handle this property as desired.

Value Members

  1. final def !=(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  2. final def ##(): Int
    Definition Classes
    AnyRef → Any
  3. final def ==(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  4. final def asInstanceOf[T0]: T0
    Definition Classes
    Any
  5. def clone(): AnyRef
    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  6. val content: Option[ContentSecurityPolicy]
  7. val enforceInDevMode: Boolean
  8. val enforceInOtherModes: Boolean
  9. final def eq(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  10. def finalize(): Unit
    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( classOf[java.lang.Throwable] )
  11. val frameRestrictions: Option[FrameRestrictions]
  12. final def getClass(): Class[_]
    Definition Classes
    AnyRef → Any
  13. lazy val headers: List[(String, String)]

    Returns the headers implied by this set of security rules.

  14. val https: Option[HttpsRules]
  15. final def isInstanceOf[T0]: Boolean
    Definition Classes
    Any
  16. val logInDevMode: Boolean
  17. val logInOtherModes: Boolean
  18. final def ne(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  19. final def notify(): Unit
    Definition Classes
    AnyRef
  20. final def notifyAll(): Unit
    Definition Classes
    AnyRef
  21. final def synchronized[T0](arg0: ⇒ T0): T0
    Definition Classes
    AnyRef
  22. final def wait(): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  23. final def wait(arg0: Long, arg1: Int): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  24. final def wait(arg0: Long): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )

Inherited from Serializable

Inherited from Serializable

Inherited from Product

Inherited from Equals

Inherited from AnyRef

Inherited from Any

Ungrouped