Class: ActionDispatch::PermissionsPolicy

Inherits:
Object
  • Object
show all
Defined in:
lib/action_dispatch/http/permissions_policy.rb

Overview

# Action Dispatch PermissionsPolicy

Configures the HTTP [Feature-Policy](developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy) response header to specify which browser features the current document and its iframes can use.

Example global policy:

Rails.application.config.permissions_policy do |policy|
  policy.camera      :none
  policy.gyroscope   :none
  policy.microphone  :none
  policy.usb         :none
  policy.fullscreen  :self
  policy.payment     :self, "https://secure.example.com"
end

The Feature-Policy header has been renamed to Permissions-Policy. The Permissions-Policy requires a different implementation and isn’t yet supported by all browsers. To avoid having to rename this middleware in the future we use the new name for the middleware but keep the old header name and implementation for now.

Defined Under Namespace

Modules: Request Classes: Middleware

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize {|_self| ... } ⇒ PermissionsPolicy

Returns a new instance of PermissionsPolicy.

Yields:

  • (_self)

Yield Parameters:



113
114
115
116
# File 'lib/action_dispatch/http/permissions_policy.rb', line 113

def initialize
  @directives = {}
  yield self if block_given?
end

Instance Attribute Details

#directivesObject (readonly)

Returns the value of attribute directives.



111
112
113
# File 'lib/action_dispatch/http/permissions_policy.rb', line 111

def directives
  @directives
end

Instance Method Details

#build(context = nil) ⇒ Object



132
133
134
# File 'lib/action_dispatch/http/permissions_policy.rb', line 132

def build(context = nil)
  build_directives(context).compact.join("; ")
end

#initialize_copy(other) ⇒ Object



118
119
120
# File 'lib/action_dispatch/http/permissions_policy.rb', line 118

def initialize_copy(other)
  @directives = other.directives.deep_dup
end