SecurityConfig: fix errors from CheckStyle.

php-coder · php-coder · commit 5fa7554a54cc · 2017-09-20T01:02:40.000+02:00
Correction for 4d0922e commit. Addressed to #226
diff --git a/src/main/java/ru/mystamps/web/support/spring/security/SecurityConfig.java b/src/main/java/ru/mystamps/web/support/spring/security/SecurityConfig.java
@@ -119,22 +119,23 @@ protected void configure(HttpSecurity http) throws Exception {
 				.defaultsDisabled() // TODO
 				.contentSecurityPolicy(
 					// default policy prevents loading resources from any source
-					"default-src 'none'; " +
+					"default-src 'none'; "
 					// 'self' is required for: our own CSS files
 					// 'https://cdn.rawgit.com' is required for: languages.min.css (TODO: GH #246)
-					"style-src 'self' https://cdn.rawgit.com; " +
+					+ "style-src 'self' https://cdn.rawgit.com; "
 					// 'self' is required for: our own JS files
-					// 'unsafe-inline' is required for: jquery.min.js (that is using code inside of event handlers.
-					// We can't use hashing algorithms because they aren't supported for handlers. In future,
-					// we should get rid of jQuery or use 'unsafe-hashed-attributes' from CSP3. Details:
-					// https://github.com/jquery/jquery/blob/d71f6a53927ad02d728503385d15539b73d21ac8/jquery.js#L1441-L1447
+					// 'unsafe-inline' is required for: jquery.min.js (that is using code inside of
+					// event handlers. We can't use hashing algorithms because they aren't supported
+					// for handlers. In future, we should get rid of jQuery or use
+					// 'unsafe-hashed-attributes' from CSP3. Details:
+					// https://github.com/jquery/jquery/blob/d71f6a53927ad02d/jquery.js#L1441-L1447
 					// and https://w3c.github.io/webappsec-csp/#unsafe-hashed-attributes-usage)
-					"script-src 'self' 'unsafe-inline'; " +
+					+ "script-src 'self' 'unsafe-inline'; "
 					// 'https://cdn.rawgit.com' is required for: languages.png (TODO: GH #246)
-					// 'https://raw.githubusercontent.com' is required for: languages.png (TODO: GH #246)
-					"img-src https://cdn.rawgit.com https://raw.githubusercontent.com; " +
+					// 'https://raw.githubusercontent.com' is required for: languages.png
+					+ "img-src https://cdn.rawgit.com https://raw.githubusercontent.com; "
 					// 'self' is required for: glyphicons-halflings-regular.woff2 from bootstrap
-					"font-src 'self'"
+					+ "font-src 'self'"
 				).reportOnly();
 	}
 	
