Method: ContentSecurityPolicy.configure

Defined in:
lib/content-security-policy.rb

.configure {|ContentSecurityPolicy| ... } ⇒ Object

Configures Content Security Policy directives.

Note that default-src directive should always be set.

Examples:

ContentSecurityPolicy.configure do |csp|
  csp.report_only = true
  csp['default-src'] = "'self'"
  csp['script-src']  = '*.example.com'
end
use ContentSecurityPolicy

Yields:



29
30
31
32
 
# File 'lib/content-security-policy.rb', line 29

def configure(&blk)
  @directives ||= {}
  blk.call(self)
end