Module: SecureHeaders
- Included in:
- ActionController::Base
- Defined in:
- lib/secure_headers.rb,
lib/secure_headers/header.rb,
lib/secure_headers/padrino.rb,
lib/secure_headers/railtie.rb,
lib/secure_headers/version.rb,
lib/secure_headers/hash_helper.rb,
lib/secure_headers/view_helper.rb,
lib/secure_headers/headers/public_key_pins.rb,
lib/secure_headers/headers/x_frame_options.rb,
lib/secure_headers/headers/x_xss_protection.rb,
lib/secure_headers/headers/x_download_options.rb,
lib/secure_headers/headers/x_content_type_options.rb,
lib/secure_headers/headers/content_security_policy.rb,
lib/secure_headers/headers/strict_transport_security.rb,
lib/secure_headers/headers/x_permitted_cross_domain_policies.rb,
lib/secure_headers/headers/content_security_policy/script_hash_middleware.rb
Defined Under Namespace
Modules: ClassMethods, Configuration, HashHelper, InstanceMethods, Padrino, ViewHelpers
Classes: ContentSecurityPolicy, ContentSecurityPolicyBuildError, Header, PublicKeyPins, PublicKeyPinsBuildError, Railtie, STSBuildError, StrictTransportSecurity, UnexpectedHashedScriptException, XContentTypeOptions, XContentTypeOptionsBuildError, XDOBuildError, XDownloadOptions, XFOBuildError, XFrameOptions, XPCDPBuildError, XPermittedCrossDomainPolicies, XXssProtection, XXssProtectionBuildError
Constant Summary
collapse
- SCRIPT_HASH_CONFIG_FILE =
'config/script_hashes.yml'
- HASHES_ENV_KEY =
'secure_headers.script_hashes'
[
SecureHeaders::ContentSecurityPolicy,
SecureHeaders::StrictTransportSecurity,
SecureHeaders::PublicKeyPins,
SecureHeaders::XContentTypeOptions,
SecureHeaders::XDownloadOptions,
SecureHeaders::XFrameOptions,
SecureHeaders::XPermittedCrossDomainPolicies,
SecureHeaders::XXssProtection
]
- VERSION =
"2.4.3"
Class Method Summary
collapse
Class Method Details
.append_features(base) ⇒ Object
46
47
48
49
50
51
|
# File 'lib/secure_headers.rb', line 46
def append_features(base)
base.module_eval do
extend ClassMethods
include InstanceMethods
end
end
|
69
70
71
72
|
# File 'lib/secure_headers.rb', line 69
def (name, klass, options)
return if options == false
klass.new(options)
end
|
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
# File 'lib/secure_headers.rb', line 53
def (options = nil)
ALL_HEADER_CLASSES.inject({}) do |memo, klass|
config = if options.is_a?(Hash) && options[klass::Constants::CONFIG_KEY]
options[klass::Constants::CONFIG_KEY]
else
::SecureHeaders::Configuration.send(klass::Constants::CONFIG_KEY)
end
unless klass == SecureHeaders::PublicKeyPins && !config.is_a?(Hash)
= (klass::Constants::CONFIG_KEY, klass, config)
memo[.name] = .value
end
memo
end
end
|