diff --git a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java index 52edbc37c2..fdacf32ce3 100644 --- a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java +++ b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java @@ -1439,16 +1439,18 @@ public class ServerHttpSecurity { * Configures the max age. Default is one year. * @param maxAge the max age */ - public void maxAge(Duration maxAge) { + public HstsSpec maxAge(Duration maxAge) { HeaderSpec.this.hsts.setMaxAge(maxAge); + return this; } /** * Configures if subdomains should be included. Default is true * @param includeSubDomains if subdomains should be included */ - public void includeSubdomains(boolean includeSubDomains) { + public HstsSpec includeSubdomains(boolean includeSubDomains) { HeaderSpec.this.hsts.setIncludeSubDomains(includeSubDomains); + return this; } /** diff --git a/config/src/test/java/org/springframework/security/config/web/server/HeaderSpecTests.java b/config/src/test/java/org/springframework/security/config/web/server/HeaderSpecTests.java index 562542477b..e1b0dfe658 100644 --- a/config/src/test/java/org/springframework/security/config/web/server/HeaderSpecTests.java +++ b/config/src/test/java/org/springframework/security/config/web/server/HeaderSpecTests.java @@ -110,8 +110,9 @@ public class HeaderSpecTests { public void headersWhenHstsCustomThenCustomHstsWritten() { this.expectedHeaders.remove(StrictTransportSecurityServerHttpHeadersWriter.STRICT_TRANSPORT_SECURITY); this.expectedHeaders.add(StrictTransportSecurityServerHttpHeadersWriter.STRICT_TRANSPORT_SECURITY, "max-age=60"); - this.headers.hsts().maxAge(Duration.ofSeconds(60)); - this.headers.hsts().includeSubdomains(false); + this.headers.hsts() + .maxAge(Duration.ofSeconds(60)) + .includeSubdomains(false); assertHeaders(); }