Module: ActionView::Helpers::CspHelper
- Included in:
- ActionView::Helpers
- Defined in:
- actionview/lib/action_view/helpers/csp_helper.rb
Instance Method Summary collapse
-
#csp_meta_tag(**options) ⇒ Object
Action View CSP Helpers.
Instance Method Details
#csp_meta_tag(**options) ⇒ Object
Action View CSP Helpers
Returns a meta tag “csp-nonce” with the per-session nonce value for allowing inline <script> tags.
<head>
<%= csp_meta_tag %>
</head>
This is used by the Rails UJS helper to create dynamically loaded inline <script> elements.
18 19 20 21 22 23 24 |
# File 'actionview/lib/action_view/helpers/csp_helper.rb', line 18 def (**) if content_security_policy? [:name] = "csp-nonce" [:content] = content_security_policy_nonce tag("meta", ) end end |