• Home
• org.skinny-framework
• skinny-micro_2.11
• 2.2.0
• source code
• XFrameOptionsHeaderSupport.scala

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

skinny.micro.contrib.XFrameOptionsHeaderSupport.scala Maven / Gradle / Ivy

package skinny.micro.contrib

import skinny.micro.SkinnyMicroBase
import skinny.micro.base.BeforeAfterDsl

/**
 * X-Frame-Options header support
 *
 * - https://www.owasp.org/index.php/List_of_useful_HTTP_headers
 */
trait XFrameOptionsHeaderSupport { self: SkinnyMicroBase with BeforeAfterDsl =>

  // NOTE: There are three possible values for the X-Frame-Options headers.
  // - "deny" which prevents any domain from framing the content.
  // - "sameorigin" which only allows the current site to frame the content.
  // - "allow-from uri" which permits the specified 'uri' to frame this page.
  lazy val xFrameOptionsPolicy = "sameorigin"

  // NOTE: for all HTML responses defined as Skinny routes
  before() {
    response(context).setHeader("X-Frame-Options", xFrameOptionsPolicy)
  }

}