Deprecate feature-policy where not already deprecated

Issue spring-projectsgh-9262
akohli96 · Aug 25, 2021 · 526ae79 · 526ae79
1 parent 9ebb074
commit 526ae79
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 5 deletions.
diff --git a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
@@ -2420,7 +2420,9 @@ public HeaderSpec contentSecurityPolicy(Customizer<ContentSecurityPolicySpec> co
 		 * Configures {@code Feature-Policy} response header.
 		 * @param policyDirectives the policy
 		 * @return the {@link FeaturePolicySpec} to configure
+		 * @deprecated Use {@link #permissionsPolicy(Customizer)} instead.
 		 */
+		@Deprecated
 		public FeaturePolicySpec featurePolicy(String policyDirectives) {
 			return new FeaturePolicySpec(policyDirectives);
 		}

diff --git a/config/src/main/kotlin/org/springframework/security/config/web/server/ServerHeadersDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/server/ServerHeadersDsl.kt
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2021 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -137,6 +137,7 @@ class ServerHeadersDsl {
      *
      * @param policyDirectives policyDirectives the security policy directive(s)
      */
+    @Deprecated("Use 'permissionsPolicy { }' instead.")
     fun featurePolicy(policyDirectives: String) {
         this.featurePolicyDirectives = policyDirectives
     }
@@ -163,6 +164,7 @@ class ServerHeadersDsl {
         disabled = true
     }
 
+    @Suppress("DEPRECATION")
     internal fun get(): (ServerHttpSecurity.HeaderSpec) -> Unit {
         return { headers ->
             contentTypeOptions?.also {

diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/HeadersDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/HeadersDsl.kt
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2021 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -161,6 +161,7 @@ class HeadersDsl {
      *
      * @param policyDirectives policyDirectives the security policy directive(s)
      */
+    @Deprecated("Use 'permissionsPolicy { }' instead.")
     fun featurePolicy(policyDirectives: String) {
         this.featurePolicyDirectives = policyDirectives
     }
@@ -174,7 +175,7 @@ class HeadersDsl {
      * header in the response using the supplied policy directive(s).
      * <p>
      *
-     * @param policyDirectives policyDirectives the security policy directive(s)
+     * @param permissionsPolicyConfig the customization to apply to the header
      */
     fun permissionsPolicy(permissionsPolicyConfig: PermissionsPolicyDsl.() -> Unit) {
         this.permissionsPolicy = PermissionsPolicyDsl().apply(permissionsPolicyConfig).get()
@@ -199,6 +200,7 @@ class HeadersDsl {
         disabled = true
     }
 
+    @Suppress("DEPRECATION")
     internal fun get(): (HeadersConfigurer<HttpSecurity>) -> Unit {
         return { headers ->
             defaultsDisabled?.also {

diff --git a/...g/src/test/kotlin/org/springframework/security/config/web/server/ServerHeadersDslTests.kt b/...g/src/test/kotlin/org/springframework/security/config/web/server/ServerHeadersDslTests.kt
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2021 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -121,6 +121,7 @@ class ServerHeadersDslTests {
 
     @EnableWebFluxSecurity
     @EnableWebFlux
+    @Suppress("DEPRECATION")
     open class FeaturePolicyConfig {
         @Bean
         open fun springWebFilterChain(http: ServerHttpSecurity): SecurityWebFilterChain {

diff --git a/config/src/test/kotlin/org/springframework/security/config/web/servlet/HeadersDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/web/servlet/HeadersDslTests.kt
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2021 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -84,6 +84,7 @@ class HeadersDslTests {
     }
 
     @EnableWebSecurity
+    @Suppress("DEPRECATION")
     open class FeaturePolicyConfig : WebSecurityConfigurerAdapter() {
         override fun configure(http: HttpSecurity) {
             http {