Package overit.geocall.util.services

Class CSPSafenessPropertiesServiceImpl

java.lang.Object

overit.geocall.util.services.CSPSafenessPropertiesServiceImpl

All Implemented Interfaces:

CSPSafenessPropertiesService

@Service
public class CSPSafenessPropertiesServiceImpl
extends Object
implements CSPSafenessPropertiesService

Field Summary

Fields inherited from interface overit.geocall.util.services.CSPSafenessPropertiesService

CSP_SAFE, CSP_SAFE_EVAL, CSP_SAFE_INLINE_HANDLER, CSP_SAFE_INLINE_SCRIPT, CSP_SAFE_INLINE_STYLE

Constructor Summary

Constructors

Constructor	Description
CSPSafenessPropertiesServiceImpl()

Method Summary

Modifier and Type	Method	Description
boolean	isEvalSafenessActive()	Checks if eval() function safeness is active.
boolean	isInlineHandlerSafenessActive()	Checks if inline event handler safeness is active.
boolean	isInlineScriptSafenessActive()	Checks if inline script tag safeness is active.
boolean	isInlineStyleSafenessActive()	Checks if inline style tag safeness is active.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

CSPSafenessPropertiesServiceImpl

public CSPSafenessPropertiesServiceImpl()

Method Details

isInlineScriptSafenessActive

public boolean isInlineScriptSafenessActive()

Description copied from interface: CSPSafenessPropertiesService

Checks if inline script tag safeness is active. When active, the system will inject nonce attributes into script-src CSP directive to allow the execution of inline script tags in a CSP-compliant way.

Specified by:

isInlineScriptSafenessActive in interface CSPSafenessPropertiesService

Returns:

true if inline script tag safeness is active, false otherwise

isInlineStyleSafenessActive

public boolean isInlineStyleSafenessActive()

Description copied from interface: CSPSafenessPropertiesService

Checks if inline style tag safeness is active. When active, the system will inject nonce attributes into style-src CSP directive to allow the execution of inline style tags in a CSP-compliant way.

Specified by:

isInlineStyleSafenessActive in interface CSPSafenessPropertiesService

Returns:

true if inline style tag safeness is active, false otherwise

isInlineHandlerSafenessActive

public boolean isInlineHandlerSafenessActive()

Description copied from interface: CSPSafenessPropertiesService

Checks if inline event handler safeness is active. When active, the system will replace traditional inline event handlers (like onclick) with data-event-* attributes and appropriate CSS classes that are processed by the SafeInlineEngine.

Specified by:

isInlineHandlerSafenessActive in interface CSPSafenessPropertiesService

Returns:

true if inline event handler safeness is active, false otherwise

isEvalSafenessActive

public boolean isEvalSafenessActive()

Description copied from interface: CSPSafenessPropertiesService

Checks if eval() function safeness is active. When active, the system will replace traditional window.eval() function calls with a custom and safe management of the function that is compatible with CSP restrictions.

Specified by:

isEvalSafenessActive in interface CSPSafenessPropertiesService

Returns:

true if eval() function safeness is active, false otherwise