Class: Slimmer::Processors::NonceInserter
- Inherits:
-
Object
- Object
- Slimmer::Processors::NonceInserter
- Defined in:
- lib/slimmer/processors/nonce_inserter.rb
Instance Method Summary collapse
- #filter(_src, dest) ⇒ Object
-
#initialize(env) ⇒ NonceInserter
constructor
A new instance of NonceInserter.
Constructor Details
#initialize(env) ⇒ NonceInserter
Returns a new instance of NonceInserter.
3 4 5 6 7 8 9 |
# File 'lib/slimmer/processors/nonce_inserter.rb', line 3 def initialize(env) # As Rails is an optional dependency of this gem quietly do nothing if Rails # classes don't exist. @nonce = if defined?(ActionDispatch::Request) ActionDispatch::Request.new(env).content_security_policy_nonce end end |
Instance Method Details
#filter(_src, dest) ⇒ Object
11 12 13 14 15 16 17 18 19 |
# File 'lib/slimmer/processors/nonce_inserter.rb', line 11 def filter(_src, dest) return unless @nonce # Add the nonce attribute to script elements that don't have a src attribute # we expect those with src to be on a CSP host allow list dest.css("script:not([src])").each do |script| script["nonce"] = @nonce end end |