Class: CSPUtil::Directive

Inherits:

Object

• Object
• CSPUtil::Directive

Defined in:

lib/csp_util/directive.rb

Constant Summary

VALID_NAMES =

More info: developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy

%w[
  child-src connect-src default-src font-src frame-src img-src
  manifest-src media-src object-src script-src style-src worker-src
  base-uri plugin-types sandbox disown-opener form-action frame-ancestors
  report-uri report-to upgrade-insecure-requests block-all-mixed-content
  require-sri-for
].freeze

DEPRECATED_NAMES =

%w[reflected-xss referrer].freeze

FULLY_DEPRECATED_NAMES =

%w[policy-uri].freeze

Instance Attribute Summary

• #name ⇒ Object

  Returns the value of attribute name.

• #value ⇒ Object

  Returns the value of attribute value.

Instance Method Summary

• #add_value(value) ⇒ Object
• #delete_value(value) ⇒ Object
• #initialize(name = nil, value = nil) ⇒ Directive constructor

  A new instance of Directive.

• #parse!(token) ⇒ Object
• #same_name?(another_directive) ⇒ Boolean
• #to_h ⇒ Object
• #to_s ⇒ Object

Constructor Details

#initialize(name = nil, value = nil) ⇒ Directive

Returns a new instance of Directive.

# File 'lib/csp_util/directive.rb', line 20

def initialize(name=nil, value=nil)
  self.name = name if name
  self.value = value if value
  return self
end

Instance Attribute Details

#name ⇒ Object

Returns the value of attribute name.

# File 'lib/csp_util/directive.rb', line 18

def name
  @name
end

#value ⇒ Object

Returns the value of attribute value.

# File 'lib/csp_util/directive.rb', line 18

def value
  @value
end

Instance Method Details

#add_value(value) ⇒ Object

# File 'lib/csp_util/directive.rb', line 48

def add_value(value)
  if value.is_a?(Array)
    @value = (@value << value).flatten.uniq 
  else
    @value = (@value << value.strip).uniq
  end
end

#delete_value(value) ⇒ Object

# File 'lib/csp_util/directive.rb', line 56

def delete_value(value)
  @value.delete(value)
end

#parse!(token) ⇒ Object

# File 'lib/csp_util/directive.rb', line 26

def parse!(token)
  name, value = token.split(' ', 2)
  self.name = name
  self.value = value
  return self
end

#same_name?(another_directive) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/csp_util/directive.rb', line 60

def same_name?(another_directive)
  @name.casecmp(another_directive.name).zero?
end

#to_h ⇒ Object

# File 'lib/csp_util/directive.rb', line 64

def to_h
  { name: @name, value: @value }
end

#to_s ⇒ Object

# File 'lib/csp_util/directive.rb', line 68

def to_s
  [@name, @value.join(' ')].reject(&:empty?).join(' ')
end