Represents a content security policy.
Public Class methods
new()
    # File lib/roda/plugins/content_security_policy.rb
    def initialize
      clear
    end
Public Instance methods
clear()
Clear all settings, useful to remove any inherited settings.
    # File lib/roda/plugins/content_security_policy.rb
    def clear
      @opts = {}
    end
freeze()
Do not allow future modifications to any settings.
    # File lib/roda/plugins/content_security_policy.rb
    def freeze
      @opts.freeze
      header_value.freeze
      super
    end
header_key()
The header name to use, which depends on whether report-only mode has been enabled.
    # File lib/roda/plugins/content_security_policy.rb
    def header_key
      @report_only ? RodaResponseHeaders::CONTENT_SECURITY_POLICY_REPORT_ONLY : RodaResponseHeaders::CONTENT_SECURITY_POLICY
    end
header_value()
The header value to use.
    # File lib/roda/plugins/content_security_policy.rb
    def header_value
      return @header_value if @header_value

      s = String.new
      @opts.each do |k, vs|
        s << k
        unless vs == true
          vs.each{|v| append_formatted_value(s, v)}
        end
        s << '; '
      end
      @header_value = s
    end
report_only(report=true)
Set whether to use the Content-Security-Policy-Report-Only header instead of the default Content-Security-Policy header.
    # File lib/roda/plugins/content_security_policy.rb
    def report_only(report=true)
      @report_only = report
    end
report_only?()
Whether this policy uses report only mode.
    # File lib/roda/plugins/content_security_policy.rb
    def report_only?
      !!@report_only
    end
set_header(headers)
Set the current policy in the headers hash. If no settings have been made in the policy, does not set a header.
    # File lib/roda/plugins/content_security_policy.rb
    def set_header(headers)
      return if @opts.empty?
      headers[header_key] ||= header_value
    end
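The following is an added example, not part of Roda's source: a stand-alone check that can be run over a response headers hash in a test suite to catch the three outcomes the methods above allow (no header because the policy is empty, a report-only header, or an enforced header). The names parse_csp, audit_csp and SAMPLES are hypothetical, the header values are constructed, and the risky-source list is an assumption about what a team would want flagged.

```ruby
# Added example: audits a response headers hash for the CSP outcomes described
# on this page. Not Roda code; all sample header values are constructed.
ENFORCE = 'content-security-policy'
REPORT  = 'content-security-policy-report-only'
RISKY   = ["'unsafe-inline'", "'unsafe-eval'"].freeze # assumed review list

# Parse "dir v1 v2; dir2; " into {"dir"=>["v1","v2"], "dir2"=>[]}.
# Valueless directives map to an empty array; the trailing "; " is ignored.
def parse_csp(value)
  value.split(';').each_with_object({}) do |part, out|
    name, *values = part.split
    next unless name
    out[name.downcase] ||= values # a repeated directive is ignored by browsers
  end
end

# Return a list of [symbol, detail] findings for a headers hash.
def audit_csp(headers)
  h = headers.each_with_object({}) { |(k, v), o| o[k.to_s.downcase] = v }
  # set_header sets nothing when the policy has no settings.
  return [[:missing, 'no CSP header set']] unless h[ENFORCE] || h[REPORT]

  findings = []
  # Report-only mode tells the browser to report violations without blocking.
  findings << [:report_only, 'violations are reported, not blocked'] unless h[ENFORCE]
  policy = parse_csp(h[ENFORCE] || h[REPORT])
  findings << [:no_default_src, 'no default-src fallback'] unless policy.key?('default-src')
  # script-src falls back to default-src when it is absent.
  scripts = policy['script-src'] || policy['default-src'] || []
  (scripts.map(&:downcase) & RISKY).each { |v| findings << [:risky_script_source, v] }
  findings
end

# Constructed sample responses, one per outcome.
SAMPLES = {
  enforced: { 'Content-Security-Policy' =>
              "default-src 'self'; script-src 'self'; upgrade-insecure-requests; " },
  report_only: { 'Content-Security-Policy-Report-Only' =>
                 "default-src 'self'; script-src 'self' 'unsafe-inline'; " },
  empty_policy: { 'Content-Type' => 'text/html' }
}.freeze

if __FILE__ == $PROGRAM_NAME
  SAMPLES.each { |name, hdrs| puts "#{name}: #{audit_csp(hdrs).inspect}" }
end
```

Because set_header assigns with ||=, a value already present under the same header key is kept, so the check is best run on the final response headers rather than on the policy object alone.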