Class: ContentSecurityPolicy::Default

Inherits:

Object

Object
ContentSecurityPolicy::Default

show all

Defined in:: lib/content_security_policy/default.rb

Instance Attribute Summary collapse

#directives ⇒ Object readonly

Returns the value of attribute directives.

Instance Method Summary collapse

#initialize(base_url:) ⇒ Default constructor

A new instance of Default.

Constructor Details

#initialize(base_url:) ⇒ `Default`

Returns a new instance of Default.

# File 'lib/content_security_policy/default.rb', line 8

def initialize(base_url:)
  @base_url = base_url
  @directives =
    {}.tap do |directives|
      directives[:upgrade_insecure_requests] = [] if SiteSetting.force_https
      directives[:base_uri] = [:self]
      directives[:object_src] = [:none]
      directives[:script_src] = script_src
      directives[:worker_src] = []
      directives[
        :report_uri
      ] = report_uri if SiteSetting.content_security_policy_collect_reports
      directives[:frame_ancestors] = frame_ancestors if restrict_embed?
      directives[:manifest_src] = ["'self'"]
    end
end

Instance Attribute Details

#directives ⇒ `Object` (readonly)

Returns the value of attribute directives.



6
7
8

# File 'lib/content_security_policy/default.rb', line 6

def directives
  @directives
end

Class: ContentSecurityPolicy::Default

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(base_url:) ⇒ Default

Instance Attribute Details

#directives ⇒ Object (readonly)

#initialize(base_url:) ⇒ `Default`

#directives ⇒ `Object` (readonly)