Class: ActionDispatch::PermissionsPolicy

Inherits:
Object
  • Object
show all
Defined in:
lib/action_dispatch/http/permissions_policy.rb

Overview

Action Dispatch PermissionsPolicy

Configures the HTTP Feature-Policy response header to specify which browser features the current document and its iframes can use.

Example global policy:

Rails.application.config.permissions_policy do |policy|
  policy.camera      :none
  policy.gyroscope   :none
  policy.microphone  :none
  policy.usb         :none
  policy.fullscreen  :self
  policy.payment     :self, "https://secure.example.com"
end

The Feature-Policy header has been renamed to Permissions-Policy. The Permissions-Policy requires a different implementation and isn’t yet supported by all browsers. To avoid having to rename this middleware in the future we use the new name for the middleware but keep the old header name and implementation for now.

Defined Under Namespace

Modules: Request Classes: Middleware

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize {|_self| ... } ⇒ PermissionsPolicy

Returns a new instance of PermissionsPolicy.

Yields:

  • (_self)

Yield Parameters:



116
117
118
119
# File 'lib/action_dispatch/http/permissions_policy.rb', line 116

def initialize
  @directives = {}
  yield self if block_given?
end

Instance Attribute Details

#directivesObject (readonly)

Returns the value of attribute directives.



114
115
116
# File 'lib/action_dispatch/http/permissions_policy.rb', line 114

def directives
  @directives
end

Instance Method Details

#build(context = nil) ⇒ Object



154
155
156
# File 'lib/action_dispatch/http/permissions_policy.rb', line 154

def build(context = nil)
  build_directives(context).compact.join("; ")
end

#initialize_copy(other) ⇒ Object



121
122
123
# File 'lib/action_dispatch/http/permissions_policy.rb', line 121

def initialize_copy(other)
  @directives = other.directives.deep_dup
end