Class: HTTP::Security::Headers::ContentSecurityPolicy

Inherits:

Object

Object
HTTP::Security::Headers::ContentSecurityPolicy

show all

Defined in:: lib/http/security/headers/content_security_policy.rb

Direct Known Subclasses

ContentSecurityPolicyReportOnly

Instance Attribute Summary collapse

#connect_src ⇒ Object readonly
Returns the value of attribute connect_src.
#default_src ⇒ Object readonly
Returns the value of attribute default_src.
#font_src ⇒ Object readonly
Returns the value of attribute font_src.
#frame_src ⇒ Object readonly
Returns the value of attribute frame_src.
#img_src ⇒ Object readonly
Returns the value of attribute img_src.
#media_src ⇒ Object readonly
Returns the value of attribute media_src.
#object_src ⇒ Object readonly
Returns the value of attribute object_src.
#report_uri ⇒ Array<URI> readonly
#sandbox ⇒ Object readonly
Returns the value of attribute sandbox.
#script_src ⇒ Object readonly
Returns the value of attribute script_src.
#style_src ⇒ Object readonly
Returns the value of attribute style_src.

Instance Method Summary collapse

#initialize(directives = {}) ⇒ ContentSecurityPolicy constructor
A new instance of ContentSecurityPolicy.
#to_s ⇒ Object

Constructor Details

#initialize(directives = {}) ⇒ `ContentSecurityPolicy`

Returns a new instance of ContentSecurityPolicy.

# File 'lib/http/security/headers/content_security_policy.rb', line 29

def initialize(directives={})
  @default_src = directives[:default_src]
  @script_src = directives[:script_src]
  @object_src = directives[:object_src]
  @style_src = directives[:style_src]
  @img_src = directives[:img_src]
  @media_src = directives[:media_src]
  @frame_src = directives[:frame_src]
  @font_src = directives[:font_src]
  @connect_src = directives[:connect_src]

  @report_uri = Array(directives[:report_uri])
  @sandbox    = directives[:sandbox]
end

Instance Attribute Details

#connect_src ⇒ `Object` (readonly)

Returns the value of attribute connect_src.



22
23
24

# File 'lib/http/security/headers/content_security_policy.rb', line 22

def connect_src
  @connect_src
end

#default_src ⇒ `Object` (readonly)

Returns the value of attribute default_src.



6
7
8

# File 'lib/http/security/headers/content_security_policy.rb', line 6

def default_src
  @default_src
end

#font_src ⇒ `Object` (readonly)

Returns the value of attribute font_src.



20
21
22

# File 'lib/http/security/headers/content_security_policy.rb', line 20

def font_src
  @font_src
end

#frame_src ⇒ `Object` (readonly)

Returns the value of attribute frame_src.



18
19
20

# File 'lib/http/security/headers/content_security_policy.rb', line 18

def frame_src
  @frame_src
end

#img_src ⇒ `Object` (readonly)

Returns the value of attribute img_src.



14
15
16

# File 'lib/http/security/headers/content_security_policy.rb', line 14

def img_src
  @img_src
end

#media_src ⇒ `Object` (readonly)

Returns the value of attribute media_src.



16
17
18

# File 'lib/http/security/headers/content_security_policy.rb', line 16

def media_src
  @media_src
end

#object_src ⇒ `Object` (readonly)

Returns the value of attribute object_src.



10
11
12

# File 'lib/http/security/headers/content_security_policy.rb', line 10

def object_src
  @object_src
end

#report_uri ⇒ `Array<URI>` (readonly)

Returns:

(Array<URI>)



25
26
27

# File 'lib/http/security/headers/content_security_policy.rb', line 25

def report_uri
  @report_uri
end

#sandbox ⇒ `Object` (readonly)

Returns the value of attribute sandbox.



27
28
29

# File 'lib/http/security/headers/content_security_policy.rb', line 27

def sandbox
  @sandbox
end

#script_src ⇒ `Object` (readonly)

Returns the value of attribute script_src.



8
9
10

# File 'lib/http/security/headers/content_security_policy.rb', line 8

def script_src
  @script_src
end

#style_src ⇒ `Object` (readonly)

Returns the value of attribute style_src.



12
13
14

# File 'lib/http/security/headers/content_security_policy.rb', line 12

def style_src
  @style_src
end

Instance Method Details

#to_s ⇒ `Object`

# File 'lib/http/security/headers/content_security_policy.rb', line 44

def to_s
  directives = []

  directives << "default-src #{@default_src}" if @default_src
  directives << "script-src #{@script_src}"   if @script_src
  directives << "object-src #{@object_src}"   if @object_src
  directives << "style-src #{@style_src}"     if @style_src
  directives << "img-src #{@img_src}"         if @img_src
  directives << "media-src #{@media_src}"     if @media_src
  directives << "frame-src #{@frame_src}"     if @frame_src
  directives << "font-src #{@font_src}"       if @font_src
  directives << "connect-src #{@connect_src}" if @connect_src

  if @sandbox
    directives << "sandbox #{@sandbox}"
  end

  unless @report_uri.empty?
    directives << "report-uri #{@report_uri.join(' ')}"
  end

  return directives.join('; ')
end

Class: HTTP::Security::Headers::ContentSecurityPolicy

Direct Known Subclasses

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(directives = {}) ⇒ ContentSecurityPolicy

Instance Attribute Details

#connect_src ⇒ Object (readonly)

#default_src ⇒ Object (readonly)

#font_src ⇒ Object (readonly)

#frame_src ⇒ Object (readonly)

#img_src ⇒ Object (readonly)

#media_src ⇒ Object (readonly)

#object_src ⇒ Object (readonly)

#report_uri ⇒ Array<URI> (readonly)

#sandbox ⇒ Object (readonly)

#script_src ⇒ Object (readonly)

#style_src ⇒ Object (readonly)