You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Tree:
7be2eb05d5
1.0.x
2.0.x
3.0.x
3.1.x
3.2.x
4.0.x
4.1.x
4.2.x
5.0.x
5.1.x
5.2.x
5.3.x
5.4.x
5.5.x
5.6.x
5.7.x
5.8.x
5.8.x_update-antora-ui-spring
6.0.x
6.1.x
6.2.x
6.2.x_update-antora-ui-spring
6.3.x
6.3.x_update-antora-ui-spring
6.4.x
6.5.x
7.0.x
dependabot/gradle/main/io.spring.nullability-io.spring.nullability.gradle.plugin-0.0.10
dependabot/gradle/main/org.springframework.data-spring-data-bom-2025.1.0-SNAPSHOT
dependabot/gradle/main/tools.jackson-jackson-bom-3.0.4
dependabot/npm_and_yarn/javascript/lodash-4.17.23
dependencies-typo-6.5.x
dependencies-typo-main
docs-build
finalize
gh-16886
gh-pages
kotlin22
main
wrapperbot/spring-security/gradle-wrapper-8.10
wrapperbot/spring-security/gradle-wrapper-8.10.1
wrapperbot/spring-security/gradle-wrapper-8.10.2
wrapperbot/spring-security/gradle-wrapper-8.11
wrapperbot/spring-security/gradle-wrapper-8.11.1
wrapperbot/spring-security/gradle-wrapper-8.12
wrapperbot/spring-security/gradle-wrapper-8.12.1
wrapperbot/spring-security/gradle-wrapper-8.13
wrapperbot/spring-security/gradle-wrapper-8.14
wrapperbot/spring-security/gradle-wrapper-8.9
1.0.0
1.0.1
1.0.2
1.0.3
1.0.4
1.0.5
1.0.6
1.0.7
2.0.0
2.0.0.M1
2.0.0.M2
2.0.0.RC1
2.0.1
2.0.2
2.0.3
2.0.4
2.0.5.RELEASE
2.0.6.RELEASE
2.0.7.RELEASE
2.0.8.RELEASE
2.5.0.M1
3.0.0.M1
3.0.0.M2
3.0.0.RC1
3.0.0.RC2
3.0.0.RELEASE
3.0.1.RELEASE
3.0.2.RELEASE
3.0.3.RELEASE
3.0.4.RELEASE
3.0.5.RELEASE
3.0.6.RELEASE
3.0.7.RELEASE
3.0.8.RELEASE
3.1.0.M1
3.1.0.M2
3.1.0.RC1
3.1.0.RC2
3.1.0.RC3
3.1.0.RELEASE
3.1.1.RELEASE
3.1.2.RELEASE
3.1.3.RELEASE
3.1.4.RELEASE
3.1.5.RELEASE
3.1.6.RELEASE
3.1.7.RELEASE
3.2.0.M1
3.2.0.M2
3.2.0.RC1
3.2.0.RC2
3.2.0.RELEASE
3.2.1.RELEASE
3.2.10.RELEASE
3.2.2.RELEASE
3.2.3.RELEASE
3.2.4.RELEASE
3.2.5.RELEASE
3.2.6.RELEASE
3.2.7.RELEASE
3.2.8.RELEASE
3.2.9.RELEASE
4.0.0.M1
4.0.0.M2
4.0.0.RC1
4.0.0.RC2
4.0.0.RELEASE
4.0.1.RELEASE
4.0.2.RELEASE
4.0.3.RELEASE
4.0.4.RELEASE
4.1.0.RC1
4.1.0.RC2
4.1.0.RELEASE
4.1.1.RELEASE
4.1.2.RELEASE
4.1.3.RELEASE
4.1.4.RELEASE
4.1.5.RELEASE
4.2.0.M1
4.2.0.RC1
4.2.0.RELEASE
4.2.1.RELEASE
4.2.10.RELEASE
4.2.11.RELEASE
4.2.12.RELEASE
4.2.13.RELEASE
4.2.14.RELEASE
4.2.15.RELEASE
4.2.16.RELEASE
4.2.17.RELEASE
4.2.18.RELEASE
4.2.19.RELEASE
4.2.2.RELEASE
4.2.20.RELEASE
4.2.3.RELEASE
4.2.4.RELEASE
4.2.5.RELEASE
4.2.6.RELEASE
4.2.7.RELEASE
4.2.8.RELEASE
4.2.9.RELEASE
5.0.0.M1
5.0.0.M2
5.0.0.M3
5.0.0.M4
5.0.0.M5
5.0.0.RC1
5.0.0.RELEASE
5.0.1.RELEASE
5.0.10.RELEASE
5.0.11.RELEASE
5.0.12.RELEASE
5.0.13.RELEASE
5.0.14.RELEASE
5.0.15.RELEASE
5.0.16.RELEASE
5.0.17.RELEASE
5.0.18.RELEASE
5.0.19.RELEASE
5.0.2.RELEASE
5.0.3.RELEASE
5.0.4.RELEASE
5.0.5.RELEASE
5.0.6.RELEASE
5.0.7.RELEASE
5.0.8.RELEASE
5.0.9.RELEASE
5.1.0.M1
5.1.0.M2
5.1.0.RC1
5.1.0.RC2
5.1.0.RELEASE
5.1.1.RELEASE
5.1.10.RELEASE
5.1.11.RELEASE
5.1.12.RELEASE
5.1.13.RELEASE
5.1.2.RELEASE
5.1.3.RELEASE
5.1.4.RELEASE
5.1.5.RELEASE
5.1.6.RELEASE
5.1.7.RELEASE
5.1.8.RELEASE
5.1.9.RELEASE
5.2.0.M1
5.2.0.M2
5.2.0.M3
5.2.0.M4
5.2.0.RC1
5.2.0.RELEASE
5.2.1.RELEASE
5.2.10.RELEASE
5.2.11.RELEASE
5.2.12.RELEASE
5.2.13.RELEASE
5.2.14.RELEASE
5.2.15.RELEASE
5.2.2.RELEASE
5.2.3.RELEASE
5.2.4.RELEASE
5.2.5.RELEASE
5.2.6.RELEASE
5.2.7.RELEASE
5.2.8.RELEASE
5.2.9.RELEASE
5.3.0.M1
5.3.0.RC1
5.3.0.RELEASE
5.3.1.RELEASE
5.3.10.RELEASE
5.3.11.RELEASE
5.3.12.RELEASE
5.3.13.RELEASE
5.3.2.RELEASE
5.3.3.RELEASE
5.3.4.RELEASE
5.3.5.RELEASE
5.3.6.RELEASE
5.3.7.RELEASE
5.3.8.RELEASE
5.3.9.RELEASE
5.4.0
5.4.0-M1
5.4.0-M2
5.4.0-RC1
5.4.1
5.4.10
5.4.11
5.4.2
5.4.3
5.4.4
5.4.5
5.4.6
5.4.7
5.4.8
5.4.9
5.5.0
5.5.0-M1
5.5.0-M2
5.5.0-M3
5.5.0-RC1
5.5.0-RC2
5.5.1
5.5.2
5.5.3
5.5.4
5.5.5
5.5.6
5.5.7
5.5.8
5.6.0
5.6.0-M1
5.6.0-M2
5.6.0-M3
5.6.0-RC1
5.6.1
5.6.10
5.6.11
5.6.12
5.6.2
5.6.3
5.6.4
5.6.5
5.6.6
5.6.7
5.6.8
5.6.9
5.7.0
5.7.0-M1
5.7.0-M2
5.7.0-M3
5.7.0-RC1
5.7.1
5.7.10
5.7.11
5.7.12
5.7.13
5.7.14
5.7.2
5.7.3
5.7.4
5.7.5
5.7.6
5.7.7
5.7.8
5.7.9
5.8.0
5.8.0-M1
5.8.0-M2
5.8.0-M3
5.8.0-RC1
5.8.1
5.8.10
5.8.11
5.8.12
5.8.13
5.8.14
5.8.15
5.8.16
5.8.2
5.8.3
5.8.4
5.8.5
5.8.6
5.8.7
5.8.8
5.8.9
6.0.0
6.0.0-M1
6.0.0-M2
6.0.0-M3
6.0.0-M4
6.0.0-M5
6.0.0-M6
6.0.0-M7
6.0.0-RC1
6.0.0-RC2
6.0.1
6.0.2
6.0.3
6.0.4
6.0.5
6.0.6
6.0.7
6.0.8
6.1.0
6.1.0-M1
6.1.0-M2
6.1.0-RC1
6.1.1
6.1.2
6.1.3
6.1.4
6.1.5
6.1.6
6.1.7
6.1.8
6.1.9
6.2.0
6.2.0-M1
6.2.0-M2
6.2.0-M3
6.2.0-RC1
6.2.0-RC2
6.2.1
6.2.2
6.2.3
6.2.4
6.2.5
6.2.6
6.2.7
6.2.8
6.3.0
6.3.0-M1
6.3.0-M2
6.3.0-M3
6.3.0-RC1
6.3.1
6.3.10
6.3.2
6.3.3
6.3.4
6.3.5
6.3.6
6.3.7
6.3.8
6.3.9
6.4.0
6.4.0-M1
6.4.0-M2
6.4.0-M3
6.4.0-M4
6.4.0-RC1
6.4.1
6.4.10
6.4.11
6.4.12
6.4.13
6.4.2
6.4.3
6.4.4
6.4.5
6.4.6
6.4.7
6.4.8
6.4.9
6.5.0
6.5.0-M1
6.5.0-M2
6.5.0-M3
6.5.0-RC1
6.5.1
6.5.2
6.5.3
6.5.4
6.5.5
6.5.6
6.5.7
7.0.0
7.0.0-M1
7.0.0-M2
7.0.0-M3
7.0.0-RC1
7.0.0-RC2
7.0.0-RC3
7.0.1
7.0.2
7.1.0-M1
${ noResults }
spring-security/web
Daniel Garnier-Moiroux
93250013e4
OWASP recommends using "X-Xss-Protection: 0". The default is currently "X-Xss-Protection: 1; mode=block". In 6.0, the default will be "0". This commits adds the ability to configure the xssProtection header value in ServerHttpSecurity. This commit deprecates the use of "enabled" and "block" booleans to configure XSS protection, as the state "!enabled + block" is invalid. This impacts HttpSecurity. Issue gh-9631 |
3 years ago | |
|---|---|---|
| .. | ||
| src | Make X-Xss-Protection configurable through ServerHttpSecurity | 3 years ago |
| spring-security-web.gradle | Remove dependency on commons-codec by using java.util.Base64 | 4 years ago |