Design Partners
Prevent clickjacking
** org.openrewrite.java.security.spring.PreventClickjacking** The frame-ancestors directive can be used in a Content-Security-Policy HTTP response header to indicate whether or not a browser should be allowed to render a page in a <frame> or <iframe>. Sites can use this to avoid Clickjacking attacks by ensuring that their content is not embedded into other sites.

Source

  • groupId: org.openrewrite.recipe
  • artifactId: rewrite-java-security
  • version: 1.12.0

Options

Type
Name
Description
Boolean
onlyIfSecurityConfig
Optional. Only patch existing implementations of WebSecurityConfigurerAdapter.

Usage

This recipe has no required configuration options and can be activated directly after taking a dependency on org.openrewrite.recipe:rewrite-java-security:1.12.0 in your build file:
Gradle
Maven
build.gradle
1
plugins {
2
id("org.openrewrite.rewrite") version("5.22.2")
3
}
4
5
rewrite {
6
activeRecipe("org.openrewrite.java.security.spring.PreventClickjacking")
7
}
8
9
repositories {
10
mavenCentral()
11
}
12
13
dependencies {
14
rewrite("org.openrewrite.recipe:rewrite-java-security:1.12.0")
15
}
Copied!
pom.xml
1
<project>
2
<build>
3
<plugins>
4
<plugin>
5
<groupId>org.openrewrite.maven</groupId>
6
<artifactId>rewrite-maven-plugin</artifactId>
7
<version>4.25.0</version>
8
<configuration>
9
<activeRecipes>
10
<recipe>org.openrewrite.java.security.spring.PreventClickjacking</recipe>
11
</activeRecipes>
12
</configuration>
13
<dependencies>
14
<dependency>
15
<groupId>org.openrewrite.recipe</groupId>
16
<artifactId>rewrite-java-security</artifactId>
17
<version>1.12.0</version>
18
</dependency>
19
</dependencies>
20
</plugin>
21
</plugins>
22
</build>
23
</project>
Copied!
Recipes can also be activated directly from the command line by adding the argument -Drewrite.activeRecipesorg.openrewrite.java.security.spring.PreventClickjacking
Export as PDF
Copy link