Home > Back-end >  Spring Boot: How to change the Content Security Policy at runtime?
Spring Boot: How to change the Content Security Policy at runtime?

Time:12-03

I'm trying to hot-reload a change in the content security policy (CSP) of my Spring Boot application, i.e. the user should be able to change it via an admin UI without restarting the server.

The regular approach in Spring Boot is:

@Configuration
class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    public void configure(HttpSecurity http) {
        // ... lots more config here...
        http.headers()
            .addHeaderWriter(
                 StaticHeadersWriter(
                     "Content-Security-Policy", 
                     "<some policy string>"
                 )
            )
    } 
}

... but this doesn't allow for reconfiguration once it has been assigned.

Can I make this (re-)configurable at runtime? Reloading the application context is not an option, I need to be able to adapt only this particular setting.

CodePudding user response:

Easy-Peasy, we only need to expose a (n appropriate) HeaderWriter as a bean! change header browser screenshot

All in one github.(sorry all in main class!:)

Refs: only this

Page link:https//www.codepudding.com/Backend/214259.html

Prev:What cause the different times function if the dataframe has a columns name?
Next:Multiple REST Calls using Spring Boot
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding