Class: ActionDispatch::PermissionsPolicy

Inherits:
Object
  • Object
show all
Defined in:
lib/action_dispatch/http/permissions_policy.rb

Overview

Action Dispatch PermissionsPolicy

Configures the HTTP Feature-Policy response header to specify which browser features the current document and its iframes can use.

Example global policy:

Rails.application.config.permissions_policy do |policy|
  policy.camera      :none
  policy.gyroscope   :none
  policy.microphone  :none
  policy.usb         :none
  policy.fullscreen  :self
  policy.payment     :self, "https://secure.example.com"
end

The Feature-Policy header has been renamed to Permissions-Policy. The Permissions-Policy requires a different implementation and isn’t yet supported by all browsers. To avoid having to rename this middleware in the future we use the new name for the middleware but keep the old header name and implementation for now.

Defined Under Namespace

Modules: Request Classes: Middleware

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize {|_self| ... } ⇒ PermissionsPolicy

Returns a new instance of PermissionsPolicy.

Yields:

  • (_self)

Yield Parameters:



109
110
111
112
 
# File 'lib/action_dispatch/http/permissions_policy.rb', line 109

def initialize
  @directives = {}
  yield self if block_given?
end

Instance Attribute Details

#directivesObject (readonly)

Returns the value of attribute directives.



107
108
109
 
# File 'lib/action_dispatch/http/permissions_policy.rb', line 107

def directives
  @directives
end

Instance Method Details

#build(context = nil) ⇒ Object 



147
148
149
 
# File 'lib/action_dispatch/http/permissions_policy.rb', line 147

def build(context = nil)
  build_directives(context).compact.join("; ")
end

#initialize_copy(other) ⇒ Object 



114
115
116
 
# File 'lib/action_dispatch/http/permissions_policy.rb', line 114

def initialize_copy(other)
  @directives = other.directives.deep_dup
end