Class: SecureHeaders::ReferrerPolicy

Inherits:

Object

Object
SecureHeaders::ReferrerPolicy

show all

Defined in:: lib/secure_headers/headers/referrer_policy.rb

Constant Summary collapse

HEADER_NAME =

"Referrer-Policy".freeze

DEFAULT_VALUE =

"origin-when-cross-origin"

VALID_POLICIES =

%w(
  no-referrer
  no-referrer-when-downgrade
  same-origin
  strict-origin
  strict-origin-when-cross-origin
  origin
  origin-when-cross-origin
  unsafe-url
)

Class Method Summary collapse

.make_header(config = nil, user_agent = nil) ⇒ Object

Public: generate an Referrer Policy header.
.validate_config!(config) ⇒ Object

Class Method Details

.make_header(config = nil, user_agent = nil) ⇒ `Object`

Public: generate an Referrer Policy header.

Returns a default header if no configuration is provided, or a header name and value based on the config.

# File 'lib/secure_headers/headers/referrer_policy.rb', line 23

def make_header(config = nil, user_agent = nil)
  return if config == OPT_OUT
  config ||= DEFAULT_VALUE
  [HEADER_NAME, Array(config).join(", ")]
end

.validate_config!(config) ⇒ `Object`

# File 'lib/secure_headers/headers/referrer_policy.rb', line 29

def validate_config!(config)
  case config
  when nil, OPT_OUT
    # valid
  when String, Array
    config = Array(config)
    unless config.all? { |t| t.is_a?(String) && VALID_POLICIES.include?(t.downcase) }
      raise ReferrerPolicyConfigError.new("Value can only be one or more of #{VALID_POLICIES.join(", ")}")
    end
  else
    raise TypeError.new("Must be a string or array of strings. Found #{config.class}: #{config}")
  end
end