Module: ContentSecurityPolicy::Extension

Extended by:

Extension

Included in:

Extension

Defined in:

lib/content_security_policy/extension.rb

Constant Summary

THEME_SETTING =

"extend_content_security_policy"

Instance Method Summary

• #clear_theme_extensions_cache! ⇒ Object
• #path_specific_extension(path_info) ⇒ Object
• #plugin_extensions ⇒ Object
• #site_setting_extension ⇒ Object
• #theme_extensions(theme_id) ⇒ Object

Instance Method Details

#clear_theme_extensions_cache! ⇒ Object

# File 'lib/content_security_policy/extension.rb', line 33

def clear_theme_extensions_cache!
  cache.clear
end

#path_specific_extension(path_info) ⇒ Object

# File 'lib/content_security_policy/extension.rb', line 10

def path_specific_extension(path_info)
  {}.tap do |obj|
    for_qunit_route = !Rails.env.production? && %w[/qunit /wizard/qunit].include?(path_info)
    for_qunit_route ||= "/theme-qunit" == path_info
    obj[:script_src] = :unsafe_eval if for_qunit_route
  end
end

#plugin_extensions ⇒ Object

# File 'lib/content_security_policy/extension.rb', line 18

def plugin_extensions
  [].tap do |extensions|
    Discourse.plugins.each do |plugin|
      extensions.concat(plugin.csp_extensions) if plugin.enabled?
    end
  end
end

#site_setting_extension ⇒ Object

# File 'lib/content_security_policy/extension.rb', line 6

def site_setting_extension
  { script_src: SiteSetting.content_security_policy_script_src.split("|") }
end

#theme_extensions(theme_id) ⇒ Object

# File 'lib/content_security_policy/extension.rb', line 28

def theme_extensions(theme_id)
  key = "theme_extensions_#{theme_id}"
  cache.defer_get_set(key) { find_theme_extensions(theme_id) }
end