Class: Contrast::Agent::Assess::Rule::Response::XXssProtection

Inherits:

HeaderRule

• Object
• BaseRule
• HeaderRule
• Contrast::Agent::Assess::Rule::Response::XXssProtection

Includes:

Framework::RailsSupport

Defined in:

lib/contrast/agent/assess/rule/response/x_xss_protection_header_rule.rb

Overview

These rules check the content of the HTTP Response to determine if the response contains the needed header

Constant Summary

HEADER_KEYS =

%w[X-XSS-Protection].cs__freeze

ACCEPTED_VALUES =

[/^1/].cs__freeze

DEFAULT_SAFE =

true

Constants included from Framework::RailsSupport

Framework::RailsSupport::RAILS_VERSION

Constants inherited from HeaderRule

HeaderRule::HEADER_TYPE

Constants inherited from BaseRule

BaseRule::DATA

Instance Method Summary

• #rule_id ⇒ Object

Methods included from Framework::RailsSupport

#rails_seven?

Methods inherited from HeaderRule

#headers?, #violated?

Methods inherited from BaseRule

#analyze

Instance Method Details

#rule_id ⇒ Object

# File 'lib/contrast/agent/assess/rule/response/x_xss_protection_header_rule.rb', line 20

def rule_id
  'xxssprotection-header-disabled'
end