package org.eclipse.ditto.services.gateway.endpoints.directives;

import akka.http.javadsl.model.HttpHeader;
import akka.http.javadsl.model.headers.RawHeader;
import akka.http.javadsl.server.Directives;
import akka.http.javadsl.server.Route;
import java.util.ArrayList;
import java.util.Collections;
import java.util.function.Supplier;
import javax.annotation.concurrent.Immutable;

@Immutable
/* loaded from: input_file:org/eclipse/ditto/services/gateway/endpoints/directives/SecurityResponseHeadersDirective.class */
public final class SecurityResponseHeadersDirective {
    private static final String X_FRAME_OPTIONS = "X-Frame-Options";
    private static final String SAMEORIGIN = "SAMEORIGIN";
    private static final String X_CONTENT_TYPE_OPTIONS = "X-Content-Type-Options";
    private static final String NOSNIFF = "nosniff";
    private static final String X_XSS_PROTECTION = "X-XSS-Protection";
    private static final String MODE_BLOCK = "1; mode=block";

    private SecurityResponseHeadersDirective() {
        throw new AssertionError();
    }

    public static Route addSecurityResponseHeaders(Supplier<Route> supplier) {
        return Directives.extractActorSystem(actorSystem -> {
            return Directives.respondWithHeaders(createSecurityResponseHeaders(), supplier);
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Iterable<HttpHeader> createSecurityResponseHeaders() {
        ArrayList arrayList = new ArrayList(3);
        arrayList.add(RawHeader.create(X_FRAME_OPTIONS, SAMEORIGIN));
        arrayList.add(RawHeader.create(X_CONTENT_TYPE_OPTIONS, NOSNIFF));
        arrayList.add(RawHeader.create(X_XSS_PROTECTION, MODE_BLOCK));
        return Collections.unmodifiableList(arrayList);
    }
}
