Class: CspBuilder
- Inherits:
-
Object
- Object
- CspBuilder
- Defined in:
- lib/csp_builder.rb,
lib/csp_builder/version.rb,
lib/csp_builder/constants.rb
Overview
Content Security Policy builder class. This class provides a lot of methods for making it easier to compose Content Security Policies for your web applications.
Constant Summary collapse
- VERSION =
'0.2.0'.freeze
- FETCH_DIRECTIVES =
Fetch directive define the locations where various resource types can be loaded from. These directive all end in with “-src”
%i[ child connect default font frame img manifest media object script style worker ].freeze
- VALUE_DIRECTIVES =
Value directives are either document, navigation, reporting or other type of directives that require a value
%i[ base-uri form-action frame-ancestors plugin-types report-uri require-sri-for ].freeze
- META_DIRECTIVES =
Meta directives do not require a value and can be used in a <meta> tag in the document’s <head>
%i[ block-all-mixed-content upgrade-insecure-requests ].freeze
Instance Attribute Summary collapse
-
#result ⇒ Object
readonly
Final result string.
Instance Method Summary collapse
-
#base_uri(*values) ⇒ CspBuilder
Generated method.
-
#block_all_mixed_content(*values) ⇒ CspBuilder
Generated method.
-
#child_src(*values) ⇒ CspBuilder
Generated method.
-
#compile! ⇒ String
Compile Content Security Policy with all of the defined directives.
-
#compiled? ⇒ Boolean
Returns whether the result has been compiled or not.
-
#connect_src(*values) ⇒ CspBuilder
Generated method.
-
#default_src(*values) ⇒ CspBuilder
Generated method.
-
#font_src(*values) ⇒ CspBuilder
Generated method.
-
#form_action(*values) ⇒ CspBuilder
Generated method.
-
#frame_ancestors(*values) ⇒ CspBuilder
Generated method.
-
#frame_src(*values) ⇒ CspBuilder
Generated method.
-
#img_src(*values) ⇒ CspBuilder
Generated method.
-
#initialize ⇒ CspBuilder
constructor
Returns a new instance of
CspBuilder
. -
#manifest_src(*values) ⇒ CspBuilder
Generated method.
-
#media_src(*values) ⇒ CspBuilder
Generated method.
-
#object_src(*values) ⇒ CspBuilder
Generated method.
-
#plugin_types(*values) ⇒ CspBuilder
Generated method.
-
#report_uri(*values) ⇒ CspBuilder
Generated method.
-
#require_sri_for(*values) ⇒ CspBuilder
Generated method.
-
#script_src(*values) ⇒ CspBuilder
Generated method.
-
#style_src(*values) ⇒ CspBuilder
Generated method.
-
#upgrade_insecure_requests(*values) ⇒ CspBuilder
Generated method.
-
#worker_src(*values) ⇒ CspBuilder
Generated method.
Constructor Details
#initialize ⇒ CspBuilder
Returns a new instance of CspBuilder
24 25 26 27 |
# File 'lib/csp_builder.rb', line 24 def initialize @directives = {} @result = nil end |
Instance Attribute Details
#result ⇒ Object (readonly)
Final result string. This is set by compile!
21 22 23 |
# File 'lib/csp_builder.rb', line 21 def result @result end |
Instance Method Details
#base_uri(*values) ⇒ CspBuilder
Generated method
94 95 96 97 98 99 100 101 102 |
# File 'lib/csp_builder.rb', line 94 VALUE_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type.to_s.gsub('-', '_')}(*values) values.each { |value| set_directive! :'#{type}', value } self end RUBY_EVAL end |
#block_all_mixed_content(*values) ⇒ CspBuilder
Generated method
108 109 110 111 112 113 114 115 116 |
# File 'lib/csp_builder.rb', line 108 META_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type.to_s.gsub('-', '_')} @directives[:'#{type}'] = true self end RUBY_EVAL end |
#child_src(*values) ⇒ CspBuilder
Generated method
72 73 74 75 76 77 78 79 80 |
# File 'lib/csp_builder.rb', line 72 FETCH_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type}_src(*values) values.each { |value| set_directive! :'#{type}-src', value } self end RUBY_EVAL end |
#compile! ⇒ String
Compile Content Security Policy with all of the defined directives
37 38 39 40 41 |
# File 'lib/csp_builder.rb', line 37 def compile! @directives.freeze unless @directives.frozen? @result ||= compile.freeze end |
#compiled? ⇒ Boolean
Returns whether the result has been compiled or not
31 32 33 |
# File 'lib/csp_builder.rb', line 31 def compiled? !@result.nil? end |
#connect_src(*values) ⇒ CspBuilder
Generated method
72 73 74 75 76 77 78 79 80 |
# File 'lib/csp_builder.rb', line 72 FETCH_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type}_src(*values) values.each { |value| set_directive! :'#{type}-src', value } self end RUBY_EVAL end |
#default_src(*values) ⇒ CspBuilder
Generated method
72 73 74 75 76 77 78 79 80 |
# File 'lib/csp_builder.rb', line 72 FETCH_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type}_src(*values) values.each { |value| set_directive! :'#{type}-src', value } self end RUBY_EVAL end |
#font_src(*values) ⇒ CspBuilder
Generated method
72 73 74 75 76 77 78 79 80 |
# File 'lib/csp_builder.rb', line 72 FETCH_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type}_src(*values) values.each { |value| set_directive! :'#{type}-src', value } self end RUBY_EVAL end |
#form_action(*values) ⇒ CspBuilder
Generated method
94 95 96 97 98 99 100 101 102 |
# File 'lib/csp_builder.rb', line 94 VALUE_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type.to_s.gsub('-', '_')}(*values) values.each { |value| set_directive! :'#{type}', value } self end RUBY_EVAL end |
#frame_ancestors(*values) ⇒ CspBuilder
Generated method
94 95 96 97 98 99 100 101 102 |
# File 'lib/csp_builder.rb', line 94 VALUE_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type.to_s.gsub('-', '_')}(*values) values.each { |value| set_directive! :'#{type}', value } self end RUBY_EVAL end |
#frame_src(*values) ⇒ CspBuilder
Generated method
72 73 74 75 76 77 78 79 80 |
# File 'lib/csp_builder.rb', line 72 FETCH_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type}_src(*values) values.each { |value| set_directive! :'#{type}-src', value } self end RUBY_EVAL end |
#img_src(*values) ⇒ CspBuilder
Generated method
72 73 74 75 76 77 78 79 80 |
# File 'lib/csp_builder.rb', line 72 FETCH_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type}_src(*values) values.each { |value| set_directive! :'#{type}-src', value } self end RUBY_EVAL end |
#manifest_src(*values) ⇒ CspBuilder
Generated method
72 73 74 75 76 77 78 79 80 |
# File 'lib/csp_builder.rb', line 72 FETCH_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type}_src(*values) values.each { |value| set_directive! :'#{type}-src', value } self end RUBY_EVAL end |
#media_src(*values) ⇒ CspBuilder
Generated method
72 73 74 75 76 77 78 79 80 |
# File 'lib/csp_builder.rb', line 72 FETCH_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type}_src(*values) values.each { |value| set_directive! :'#{type}-src', value } self end RUBY_EVAL end |
#object_src(*values) ⇒ CspBuilder
Generated method
72 73 74 75 76 77 78 79 80 |
# File 'lib/csp_builder.rb', line 72 FETCH_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type}_src(*values) values.each { |value| set_directive! :'#{type}-src', value } self end RUBY_EVAL end |
#plugin_types(*values) ⇒ CspBuilder
Generated method
94 95 96 97 98 99 100 101 102 |
# File 'lib/csp_builder.rb', line 94 VALUE_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type.to_s.gsub('-', '_')}(*values) values.each { |value| set_directive! :'#{type}', value } self end RUBY_EVAL end |
#report_uri(*values) ⇒ CspBuilder
Generated method
94 95 96 97 98 99 100 101 102 |
# File 'lib/csp_builder.rb', line 94 VALUE_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type.to_s.gsub('-', '_')}(*values) values.each { |value| set_directive! :'#{type}', value } self end RUBY_EVAL end |
#require_sri_for(*values) ⇒ CspBuilder
Generated method
94 95 96 97 98 99 100 101 102 |
# File 'lib/csp_builder.rb', line 94 VALUE_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type.to_s.gsub('-', '_')}(*values) values.each { |value| set_directive! :'#{type}', value } self end RUBY_EVAL end |
#script_src(*values) ⇒ CspBuilder
Generated method
72 73 74 75 76 77 78 79 80 |
# File 'lib/csp_builder.rb', line 72 FETCH_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type}_src(*values) values.each { |value| set_directive! :'#{type}-src', value } self end RUBY_EVAL end |
#style_src(*values) ⇒ CspBuilder
Generated method
72 73 74 75 76 77 78 79 80 |
# File 'lib/csp_builder.rb', line 72 FETCH_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type}_src(*values) values.each { |value| set_directive! :'#{type}-src', value } self end RUBY_EVAL end |
#upgrade_insecure_requests(*values) ⇒ CspBuilder
Generated method
108 109 110 111 112 113 114 115 116 |
# File 'lib/csp_builder.rb', line 108 META_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type.to_s.gsub('-', '_')} @directives[:'#{type}'] = true self end RUBY_EVAL end |
#worker_src(*values) ⇒ CspBuilder
Generated method
72 73 74 75 76 77 78 79 80 |
# File 'lib/csp_builder.rb', line 72 FETCH_DIRECTIVES.each do |type| class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1 def #{type}_src(*values) values.each { |value| set_directive! :'#{type}-src', value } self end RUBY_EVAL end |