commit
5f2744db33
|
@ -266,7 +266,11 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
|
||||||
* @return the {@link HpkpConfig} for additional customizations
|
* @return the {@link HpkpConfig} for additional customizations
|
||||||
*
|
*
|
||||||
* @since 4.1
|
* @since 4.1
|
||||||
|
* @deprecated see <a href=
|
||||||
|
* "https://owasp.org/www-community/controls/Certificate_and_Public_Key_Pinning">Certificate
|
||||||
|
* and Public Key Pinning</a> for more context
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public HpkpConfig httpPublicKeyPinning() {
|
public HpkpConfig httpPublicKeyPinning() {
|
||||||
return this.hpkp.enable();
|
return this.hpkp.enable();
|
||||||
}
|
}
|
||||||
|
@ -277,7 +281,11 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
|
||||||
* @param hpkpCustomizer the {@link Customizer} to provide more options for the
|
* @param hpkpCustomizer the {@link Customizer} to provide more options for the
|
||||||
* {@link HpkpConfig}
|
* {@link HpkpConfig}
|
||||||
* @return the {@link HeadersConfigurer} for additional customizations
|
* @return the {@link HeadersConfigurer} for additional customizations
|
||||||
|
* @deprecated see <a href=
|
||||||
|
* "https://owasp.org/www-community/controls/Certificate_and_Public_Key_Pinning">Certificate
|
||||||
|
* and Public Key Pinning</a> for more context
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public HeadersConfigurer<H> httpPublicKeyPinning(Customizer<HpkpConfig> hpkpCustomizer) {
|
public HeadersConfigurer<H> httpPublicKeyPinning(Customizer<HpkpConfig> hpkpCustomizer) {
|
||||||
hpkpCustomizer.customize(this.hpkp.enable());
|
hpkpCustomizer.customize(this.hpkp.enable());
|
||||||
return HeadersConfigurer.this;
|
return HeadersConfigurer.this;
|
||||||
|
@ -1040,6 +1048,12 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @deprecated see <a href=
|
||||||
|
* "https://owasp.org/www-community/controls/Certificate_and_Public_Key_Pinning">Certificate
|
||||||
|
* and Public Key Pinning</a> for more context
|
||||||
|
*/
|
||||||
|
@Deprecated
|
||||||
public final class HpkpConfig {
|
public final class HpkpConfig {
|
||||||
|
|
||||||
private HpkpHeaderWriter writer;
|
private HpkpHeaderWriter writer;
|
||||||
|
|
|
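Review bot: The `@deprecated` Javadoc added to both `httpPublicKeyPinning` overloads and to `HpkpConfig` only links out; it gives neither the version nor the fact that there is no replacement. The Kotlin DSL in this same commit says "as of 5.8 with no replacement", and the RNC schema says the header no longer works in modern browsers. From the Java API alone, a reader cannot tell that enabling HPKP here no longer gives any pinning protection in browsers. I would open the tag with `@deprecated as of 5.8 with no replacement; the HPKP header no longer works in modern browsers, see` and keep the existing OWASP link after it. The same wording fits the `HpkpHeaderWriter` class Javadoc; the bodies of `HeadersConfigurer` and `HpkpConfig` continue outside these hunks.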
@ -117,7 +117,9 @@ class HeadersDsl {
|
||||||
* href="https://tools.ietf.org/html/rfc7469">HTTP Public Key Pinning (HPKP)</a>.
|
* href="https://tools.ietf.org/html/rfc7469">HTTP Public Key Pinning (HPKP)</a>.
|
||||||
*
|
*
|
||||||
* @param hpkpConfig the customization to apply to the header
|
* @param hpkpConfig the customization to apply to the header
|
||||||
|
* @deprecated see <a href="https://owasp.org/www-community/controls/Certificate_and_Public_Key_Pinning">Certificate and Public Key Pinning</a> for more context
|
||||||
*/
|
*/
|
||||||
|
@Deprecated(message = "as of 5.8 with no replacement")
|
||||||
fun httpPublicKeyPinning(hpkpConfig: HttpPublicKeyPinningDsl.() -> Unit) {
|
fun httpPublicKeyPinning(hpkpConfig: HttpPublicKeyPinningDsl.() -> Unit) {
|
||||||
this.hpkp = HttpPublicKeyPinningDsl().apply(hpkpConfig).get()
|
this.hpkp = HttpPublicKeyPinningDsl().apply(hpkpConfig).get()
|
||||||
}
|
}
|
||||||
|
|
|
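Review bot: The `* @deprecated see <a href=...>` line added to the KDoc of `httpPublicKeyPinning` will not act as a deprecation notice, because KDoc has no `@deprecated` tag and expects the `@Deprecated` annotation to carry it. The annotation message is what the compiler and IDE show at call sites, and it currently omits both the reason and the link. I would move the rationale into it, for example `@Deprecated(message = "as of 5.8 with no replacement; the HPKP header no longer works in modern browsers, see https://owasp.org/www-community/controls/Certificate_and_Public_Key_Pinning")`, and drop the `@deprecated` KDoc line. The same applies to the `HttpPublicKeyPinningDsl` class KDoc in the next file section.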
@ -33,8 +33,10 @@ import org.springframework.security.config.annotation.web.configurers.HeadersCon
|
||||||
* @property reportOnly if true, the browser should not terminate the connection with
|
* @property reportOnly if true, the browser should not terminate the connection with
|
||||||
* the server.
|
* the server.
|
||||||
* @property reportUri the URI to which the browser should report pin validation failures.
|
* @property reportUri the URI to which the browser should report pin validation failures.
|
||||||
|
* @deprecated see <a href="https://owasp.org/www-community/controls/Certificate_and_Public_Key_Pinning">Certificate and Public Key Pinning</a> for more context
|
||||||
*/
|
*/
|
||||||
@HeadersSecurityMarker
|
@HeadersSecurityMarker
|
||||||
|
@Deprecated(message = "as of 5.8 with no replacement")
|
||||||
class HttpPublicKeyPinningDsl {
|
class HttpPublicKeyPinningDsl {
|
||||||
var pins: Map<String, String>? = null
|
var pins: Map<String, String>? = null
|
||||||
var maxAgeInSeconds: Long? = null
|
var maxAgeInSeconds: Long? = null
|
||||||
|
|
|
@ -1193,6 +1193,7 @@ cors-options.attlist &=
|
||||||
attribute configuration-source-ref {xsd:token}?
|
attribute configuration-source-ref {xsd:token}?
|
||||||
|
|
||||||
hpkp =
|
hpkp =
|
||||||
|
## Deprecated. The HPKP header no longer works in modern browsers, see <a href="https://owasp.org/www-community/controls/Certificate_and_Public_Key_Pinning">Certificate and Public Key Pinning</a> for more context
|
||||||
## Adds support for HTTP Public Key Pinning (HPKP).
|
## Adds support for HTTP Public Key Pinning (HPKP).
|
||||||
element hpkp {hpkp.pins,hpkp.attlist}
|
element hpkp {hpkp.pins,hpkp.attlist}
|
||||||
hpkp.pins =
|
hpkp.pins =
|
||||||
|
|
|
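Review bot: The new `## Deprecated. ...` annotation line on `hpkp` ends without a full stop and sits directly above `## Adds support for HTTP Public Key Pinning (HPKP).`, so the two run together as one sentence. The XSD section of this commit shows the result: "for more context Adds support for HTTP Public Key Pinning (HPKP)." The `<a href=...>` markup is also carried into `xs:documentation` as literal markup, which schema-aware editors may not render as a link. I would end the line with a period and give the plain URL, e.g. `## Deprecated. The HPKP header no longer works in modern browsers; see https://owasp.org/www-community/controls/Certificate_and_Public_Key_Pinning.`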
@ -3373,7 +3373,10 @@
|
||||||
</xs:attributeGroup>
|
</xs:attributeGroup>
|
||||||
<xs:element name="hpkp">
|
<xs:element name="hpkp">
|
||||||
<xs:annotation>
|
<xs:annotation>
|
||||||
<xs:documentation>Adds support for HTTP Public Key Pinning (HPKP).
|
<xs:documentation>Deprecated. The HPKP header no longer works in modern browsers, see <a
|
||||||
|
href="https://owasp.org/www-community/controls/Certificate_and_Public_Key_Pinning">Certificate
|
||||||
|
and Public Key Pinning</a> for more context Adds support for HTTP Public Key Pinning
|
||||||
|
(HPKP).
|
||||||
</xs:documentation>
|
</xs:documentation>
|
||||||
</xs:annotation>
|
</xs:annotation>
|
||||||
<xs:complexType>
|
<xs:complexType>
|
||||||
|
@ -3875,4 +3878,4 @@
|
||||||
<xs:enumeration value="LAST"/>
|
<xs:enumeration value="LAST"/>
|
||||||
</xs:restriction>
|
</xs:restriction>
|
||||||
</xs:simpleType>
|
</xs:simpleType>
|
||||||
</xs:schema>
|
</xs:schema>
|
||||||
|
|
|
@ -109,7 +109,11 @@ import org.springframework.util.Assert;
|
||||||
* @author Tim Ysewyn
|
* @author Tim Ysewyn
|
||||||
* @author Ankur Pathak
|
* @author Ankur Pathak
|
||||||
* @since 4.1
|
* @since 4.1
|
||||||
|
* @deprecated see <a href=
|
||||||
|
* "https://owasp.org/www-community/controls/Certificate_and_Public_Key_Pinning">Certificate
|
||||||
|
* and Public Key Pinning</a> for more context
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public final class HpkpHeaderWriter implements HeaderWriter {
|
public final class HpkpHeaderWriter implements HeaderWriter {
|
||||||
|
|
||||||
private static final long DEFAULT_MAX_AGE_SECONDS = 5184000;
|
private static final long DEFAULT_MAX_AGE_SECONDS = 5184000;
|
||||||
|
|