Represents a content security policy.
Public Class methods
new()
    # File lib/roda/plugins/content_security_policy.rb
    def initialize
      clear
    end
Public Instance methods
clear()
Clear all settings, useful to remove any inherited settings.
    # File lib/roda/plugins/content_security_policy.rb
    def clear
      @opts = {}
    end
freeze()
Do not allow future modifications to any settings.
    # File lib/roda/plugins/content_security_policy.rb
    def freeze
      @opts.freeze
      header_value.freeze
      super
    end
header_key()
The header name to use, which depends on whether report-only mode has been enabled.

    # File lib/roda/plugins/content_security_policy.rb
    def header_key
      @report_only ? RodaResponseHeaders::CONTENT_SECURITY_POLICY_REPORT_ONLY : RodaResponseHeaders::CONTENT_SECURITY_POLICY
    end
header_value()
The header value to use.
    # File lib/roda/plugins/content_security_policy.rb
    def header_value
      return @header_value if @header_value

      s = String.new
      @opts.each do |k, vs|
        s << k
        unless vs == true
          vs.each{|v| append_formatted_value(s, v)}
        end
        s << '; '
      end
      @header_value = s
    end
report_only(report=true)
Set whether to use the Content-Security-Policy-Report-Only header instead of the default Content-Security-Policy header.

    # File lib/roda/plugins/content_security_policy.rb
    def report_only(report=true)
      @report_only = report
    end
report_only?()
Whether this policy uses report only mode.
    # File lib/roda/plugins/content_security_policy.rb
    def report_only?
      !!@report_only
    end
set_header(headers)
Set the current policy in the headers hash. If no settings have been made in the policy, does not set a header.
    # File lib/roda/plugins/content_security_policy.rb
    def set_header(headers)
      return if @opts.empty?
      headers[header_key] ||= header_value
    end
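An added example, not part of Roda's source: because set_header sets nothing for an empty policy and leaves an existing header value in place, this check inspects the headers hash that results, reports which of the two header names was sent, and parses a value in the shape header_value builds. The function names, the default-src finding and the sample hashes are assumptions constructed for illustration; header names are matched case-insensitively.

```ruby
ENFORCE = 'content-security-policy'
REPORT  = 'content-security-policy-report-only'

# Parse a policy string shaped like header_value's output ("name v1 v2; name; ")
# into {directive => [values]}, with true for a directive that has no values.
def parse_csp(value)
  value.split(';').each_with_object({}) do |part, opts|
    name, *values = part.split
    next unless name # skip the empty piece after the trailing "; "
    # Browsers ignore a repeated directive, so keep the first occurrence only.
    opts[name.downcase] ||= values.empty? ? true : values
  end
end

# Classify a response headers hash and list findings for a reviewer.
def audit_csp(headers)
  h = headers.each_with_object({}) { |(k, v), o| o[k.to_s.downcase] = v }
  mode = h[ENFORCE] ? :enforced : (h[REPORT] ? :report_only : :none)
  findings = []
  policy = {}
  case mode
  when :none
    findings << 'no CSP header present (an empty policy sets none)'
  when :report_only
    findings << 'report-only: violations are reported, not blocked'
    policy = parse_csp(h[REPORT])
  else
    policy = parse_csp(h[ENFORCE])
  end
  if mode != :none && !policy.key?('default-src')
    findings << 'no default-src fallback'
  end
  { mode: mode, policy: policy, findings: findings }
end

# Constructed sample headers, not captured from a real application.
SAMPLE_ENFORCED = {
  'Content-Security-Policy' =>
    "default-src 'none'; img-src 'self' https://img.example; upgrade-insecure-requests; "
}
SAMPLE_REPORT_ONLY = { 'content-security-policy-report-only' => "script-src 'self'; " }

if $PROGRAM_NAME == __FILE__
  [SAMPLE_ENFORCED, SAMPLE_REPORT_ONLY, {}].each { |hdrs| p audit_csp(hdrs) }
end
```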