Class: ContentSecurityPolicy::Builder
- Inherits:
-
Object
- Object
- ContentSecurityPolicy::Builder
- Defined in:
- lib/content_security_policy/builder.rb
Constant Summary collapse
- EXTENDABLE_DIRECTIVES =
%i[ base_uri frame_ancestors manifest_src object_src script_src worker_src ].freeze
- TO_BE_EXTENDABLE =
Make extending these directives no-op, until core includes them in default CSP
%i[ connect_src default_src font_src form_action frame_src img_src media_src prefetch_src style_src ].freeze
Instance Method Summary collapse
- #<<(extension) ⇒ Object
- #build ⇒ Object
-
#initialize(base_url:) ⇒ Builder
constructor
A new instance of Builder.
Constructor Details
#initialize(base_url:) ⇒ Builder
Returns a new instance of Builder.
28 29 30 31 |
# File 'lib/content_security_policy/builder.rb', line 28 def initialize(base_url:) @directives = Default.new(base_url: base_url).directives @base_url = base_url end |
Instance Method Details
#<<(extension) ⇒ Object
33 34 35 36 37 38 39 |
# File 'lib/content_security_policy/builder.rb', line 33 def <<(extension) return unless valid_extension?(extension) extension.each do |directive, sources| extend_directive(normalize_directive(directive), sources) end end |
#build ⇒ Object
41 42 43 44 45 46 47 48 49 50 51 52 53 |
# File 'lib/content_security_policy/builder.rb', line 41 def build policy = ActionDispatch::ContentSecurityPolicy.new @directives.each do |directive, sources| if sources.is_a?(Array) policy.public_send(directive, *sources) else policy.public_send(directive, sources) end end policy.build end |