Class: ActionDispatch::ContentSecurityPolicy
- Inherits:
-
Object
- Object
- ActionDispatch::ContentSecurityPolicy
show all
- Defined in:
- actionpack/lib/action_dispatch/http/content_security_policy.rb
Defined Under Namespace
Modules: Request
Classes: Middleware
Instance Attribute Summary collapse
Instance Method Summary
collapse
Constructor Details
Returns a new instance of ContentSecurityPolicy.
154
155
156
157
|
# File 'actionpack/lib/action_dispatch/http/content_security_policy.rb', line 154
def initialize
@directives = {}
yield self if block_given?
end
|
Instance Attribute Details
#directives ⇒ Object
Returns the value of attribute directives
152
153
154
|
# File 'actionpack/lib/action_dispatch/http/content_security_policy.rb', line 152
def directives
@directives
end
|
Instance Method Details
#block_all_mixed_content(enabled = true) ⇒ Object
173
174
175
176
177
178
179
|
# File 'actionpack/lib/action_dispatch/http/content_security_policy.rb', line 173
def block_all_mixed_content(enabled = true)
if enabled
@directives["block-all-mixed-content"] = true
else
@directives.delete("block-all-mixed-content")
end
end
|
#build(context = nil, nonce = nil, nonce_directives = nil) ⇒ Object
219
220
221
222
|
# File 'actionpack/lib/action_dispatch/http/content_security_policy.rb', line 219
def build(context = nil, nonce = nil, nonce_directives = nil)
nonce_directives = DEFAULT_NONCE_DIRECTIVES if nonce_directives.nil?
build_directives(context, nonce, nonce_directives).compact.join("; ")
end
|
#initialize_copy(other) ⇒ Object
159
160
161
|
# File 'actionpack/lib/action_dispatch/http/content_security_policy.rb', line 159
def initialize_copy(other)
@directives = other.directives.deep_dup
end
|
#plugin_types(*types) ⇒ Object
181
182
183
184
185
186
187
|
# File 'actionpack/lib/action_dispatch/http/content_security_policy.rb', line 181
def plugin_types(*types)
if types.first
@directives["plugin-types"] = types
else
@directives.delete("plugin-types")
end
end
|
#report_uri(uri) ⇒ Object
189
190
191
|
# File 'actionpack/lib/action_dispatch/http/content_security_policy.rb', line 189
def report_uri(uri)
@directives["report-uri"] = [uri]
end
|
#require_sri_for(*types) ⇒ Object
193
194
195
196
197
198
199
|
# File 'actionpack/lib/action_dispatch/http/content_security_policy.rb', line 193
def require_sri_for(*types)
if types.first
@directives["require-sri-for"] = types
else
@directives.delete("require-sri-for")
end
end
|
#sandbox(*values) ⇒ Object
201
202
203
204
205
206
207
208
209
|
# File 'actionpack/lib/action_dispatch/http/content_security_policy.rb', line 201
def sandbox(*values)
if values.empty?
@directives["sandbox"] = true
elsif values.first
@directives["sandbox"] = values
else
@directives.delete("sandbox")
end
end
|
#upgrade_insecure_requests(enabled = true) ⇒ Object
211
212
213
214
215
216
217
|
# File 'actionpack/lib/action_dispatch/http/content_security_policy.rb', line 211
def upgrade_insecure_requests(enabled = true)
if enabled
@directives["upgrade-insecure-requests"] = true
else
@directives.delete("upgrade-insecure-requests")
end
end
|