authorBjørn Christian Seime <bjorncs@oath.com>2018-06-05 16:17:47 +0200
committerBjørn Christian Seime <bjorncs@oath.com>2018-06-05 16:17:47 +0200
commit3c081446258ad2bdec67534e45dbd533798e1e74 (patch)
tree992241a218bbb78d1847b5603217486afd35433f /jdisc-security-filters
parent93736dace106d7a0ae4ee2508393a16cdc7c2f5c (diff)
Add jdisc filter that adds recommended security-related response headers
Diffstat (limited to 'jdisc-security-filters')
-rw-r--r--jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/misc/SecurityHeadersResponseFilter.java21
-rw-r--r--jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/misc/package-info.java8
2 files changed, 29 insertions, 0 deletions
diff --git a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/misc/SecurityHeadersResponseFilter.java b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/misc/SecurityHeadersResponseFilter.java
new file mode 100644
index 00000000000..f50e7454f19
--- /dev/null
+++ b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/misc/SecurityHeadersResponseFilter.java
@@ -0,0 +1,21 @@
+// Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+package com.yahoo.jdisc.http.filter.security.misc;
+
+import com.yahoo.jdisc.http.filter.DiscFilterResponse;
+import com.yahoo.jdisc.http.filter.RequestView;
+import com.yahoo.jdisc.http.filter.SecurityResponseFilter;
+
+/**
+ * Adds recommended security response headers intended for hardening Rest APIs over https.
+ *
+ * @author bjorncs
+ */
+public class SecurityHeadersResponseFilter implements SecurityResponseFilter {
+
+ @Override
+ public void filter(DiscFilterResponse response, RequestView request) {
+ response.setHeader("Cache-control", "no-store");
+ response.setHeader("Pragma", "no-cache");
+ response.setHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains");
+ }
+}
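Review bot: The `Strict-Transport-Security` header in `filter` is set on every response with a hard-coded `max-age=31536000; includeSubDomains`, and the `request` parameter is never consulted. The class Javadoc says the filter is intended for https, but nothing in the method enforces that; RFC 6797 says the header should not be sent over non-secure transport, and `includeSubDomains` pins every subdomain of the serving host to HTTPS for a year in any browser that has seen it. I would either emit the header only when the request arrived over TLS or state the deployment requirement in the Javadoc, for example `Only install on https-only hosts whose subdomains all serve https; HSTS is sent with includeSubDomains.` The `setHeader` calls for `Cache-control` and `Pragma` presumably replace any value a handler set on purpose, which is worth a sentence in the Javadoc as well.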
diff --git a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/misc/package-info.java b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/misc/package-info.java
new file mode 100644
index 00000000000..b646e9e135e
--- /dev/null
+++ b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/misc/package-info.java
@@ -0,0 +1,8 @@
+// Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+/**
+ * @author bjorncs
+ */
+@ExportPackage
+package com.yahoo.jdisc.http.filter.security.misc;
+
+import com.yahoo.osgi.annotation.ExportPackage;
\ No newline at end of file