Class: SecureHeaders::ContentSecurityPolicyConfig
- Inherits:
-
Object
- Object
- SecureHeaders::ContentSecurityPolicyConfig
show all
- Includes:
- DynamicConfig
- Defined in:
- lib/secure_headers/headers/content_security_policy_config.rb
Constant Summary
collapse
- CONFIG_KEY =
:csp
"Content-Security-Policy".freeze
- ATTRS =
PolicyManagement::ALL_DIRECTIVES + PolicyManagement::META_CONFIGS + PolicyManagement::NONCES
- DEFAULT =
{
default_src: %w('self' https:),
font_src: %w('self' https: data:),
img_src: %w('self' https: data:),
object_src: %w('none'),
script_src: %w(https:),
style_src: %w('self' https: 'unsafe-inline')
}
Class Method Summary
collapse
Instance Method Summary
collapse
#==, #append, #directive_value, #dup, included, #initialize, #merge, #merge!, #modified?, #opt_out?, #to_h, #update_directive
Class Method Details
.attrs ⇒ Object
126
127
128
|
# File 'lib/secure_headers/headers/content_security_policy_config.rb', line 126
def self.attrs
ATTRS
end
|
Instance Method Details
#make_report_only ⇒ Object
#report_only? ⇒ Boolean
142
143
144
|
# File 'lib/secure_headers/headers/content_security_policy_config.rb', line 142
def report_only?
false
end
|