Class: SecureHeaders::Middleware
- Inherits:
-
Object
- Object
- SecureHeaders::Middleware
- Defined in:
- lib/secure_headers/middleware.rb
Constant Summary collapse
- HPKP_SAME_HOST_WARNING =
"[WARNING] HPKP report host should not be the same as the request host. See https://github.com/twitter/secureheaders/issues/166"
Instance Method Summary collapse
-
#call(env) ⇒ Object
merges the hash of headers into the current header set.
-
#initialize(app) ⇒ Middleware
constructor
A new instance of Middleware.
Constructor Details
#initialize(app) ⇒ Middleware
Returns a new instance of Middleware.
6 7 8 |
# File 'lib/secure_headers/middleware.rb', line 6 def initialize(app) @app = app end |
Instance Method Details
#call(env) ⇒ Object
merges the hash of headers into the current header set.
11 12 13 14 15 16 17 18 19 20 21 22 23 |
# File 'lib/secure_headers/middleware.rb', line 11 def call(env) req = Rack::Request.new(env) status, headers, response = @app.call(env) config = SecureHeaders.config_for(req) if config.hpkp_report_host == req.host Kernel.warn(HPKP_SAME_HOST_WARNING) end (headers, override_secure(env, config.)) unless config. == OPT_OUT headers.merge!(SecureHeaders.header_hash_for(req)) [status, headers, response] end |