Class: SecureHeaders::XPermittedCrossDomainPolicies
- Inherits:
-
Object
- Object
- SecureHeaders::XPermittedCrossDomainPolicies
- Defined in:
- lib/secure_headers/headers/x_permitted_cross_domain_policies.rb
Constant Summary collapse
- HEADER_NAME =
"x-permitted-cross-domain-policies".freeze
- DEFAULT_VALUE =
"none"
- VALID_POLICIES =
%w(all none master-only by-content-type by-ftp-filename)
Class Method Summary collapse
-
.make_header(config = nil, user_agent = nil) ⇒ Object
Public: generate an x-permitted-cross-domain-policies header.
- .validate_config!(config) ⇒ Object
Class Method Details
.make_header(config = nil, user_agent = nil) ⇒ Object
Public: generate an x-permitted-cross-domain-policies header.
Returns a default header if no configuration is provided, or a header name and value based on the config.
14 15 16 17 |
# File 'lib/secure_headers/headers/x_permitted_cross_domain_policies.rb', line 14 def make_header(config = nil, user_agent = nil) return if config == OPT_OUT [HEADER_NAME, config || DEFAULT_VALUE] end |
.validate_config!(config) ⇒ Object
19 20 21 22 23 24 25 |
# File 'lib/secure_headers/headers/x_permitted_cross_domain_policies.rb', line 19 def validate_config!(config) return if config.nil? || config == OPT_OUT raise TypeError.new("Must be a string. Found #{config.class}: #{config}") unless config.is_a?(String) unless VALID_POLICIES.include?(config.downcase) raise XPCDPConfigError.new("Value can only be one of #{VALID_POLICIES.join(', ')}") end end |