Class: Hanami::Config::Security

Inherits:
Object
  • Object
show all
Defined in:
lib/hanami/config/security.rb

Overview

Security policies are stored here.

Since:

  • 0.3.0

Constant Summary collapse

X_FRAME_OPTIONS_HEADER =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

Since:

  • 0.3.0

'X-Frame-Options'.freeze
X_CONTENT_TYPE_OPTIONS_HEADER =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

Since:

  • 0.8.0

'X-Content-Type-Options'.freeze
X_XSS_PROTECTION_HEADER =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

Since:

  • 0.8.0

'X-XSS-Protection'.freeze
CONTENT_SECURITY_POLICY_HEADER =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

Since:

  • 0.3.0

'Content-Security-Policy'.freeze
SEPARATOR =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

Since:

  • 0.8.0

';'.freeze
SPACED_SEPARATOR =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

Since:

  • 0.8.0

"#{ SEPARATOR } ".freeze

Instance Method Summary collapse

Instance Method Details

#content_security_policy(value) ⇒ Object #content_security_policyString

Content-Policy-Security headers’ value

Overloads:

  • #content_security_policy(value) ⇒ Object

    Sets the given value

    Parameters:

    • value (String)

      for Content-Security-Policy header.

  • #content_security_policyString

    Gets the value

    Returns:

    • (String)

      Content-Security-Policy header’s value

Since:

  • 0.3.0



99
100
101
102
103
104
105
 
# File 'lib/hanami/config/security.rb', line 99

def content_security_policy(value = nil)
  if value.nil?
    @content_security_policy
  else
    @content_security_policy = value.split(SEPARATOR).map(&:strip).join(SPACED_SEPARATOR)
  end
end

#x_content_type_options(value) ⇒ Object #x_content_type_optionsString

X-Content-Type-Options headers’ value

Overloads:

  • #x_content_type_options(value) ⇒ Object

    Sets the given value

    Parameters:

    • value (String)

      for X-Content-Type-Options header.

  • #x_content_type_optionsString

    Gets the value

    Returns:

    • (String)

      X-Content-Type-Options header’s value

Since:

  • 0.8.0



61
62
63
64
65
66
67
 
# File 'lib/hanami/config/security.rb', line 61

def x_content_type_options(value = nil)
  if value.nil?
    @x_content_type_options
  else
    @x_content_type_options = value
  end
end

#x_frame_options(value) ⇒ Object #x_frame_optionsString

X-Frame-Options headers’ value

Overloads:

  • #x_frame_options(value) ⇒ Object

    Sets the given value

    Parameters:

    • value (String)

      for X-Frame-Options header.

  • #x_frame_optionsString

    Gets the value

    Returns:

    • (String)

      X-Frame-Options header’s value

Since:

  • 0.3.0



42
43
44
45
46
47
48
 
# File 'lib/hanami/config/security.rb', line 42

def x_frame_options(value = nil)
  if value.nil?
    @x_frame_options
  else
    @x_frame_options = value
  end
end

#x_xss_protection(value) ⇒ Object #x_xss_protectionString

X-XSS-Protection headers’ value

Overloads:

  • #x_xss_protection(value) ⇒ Object

    Sets the given value

    Parameters:

    • value (String)

      for X-XSS-Protection header.

  • #x_xss_protectionString

    Gets the value

    Returns:

    • (String)

      X-XSS-Protection header’s value

Since:

  • 0.8.0



80
81
82
83
84
85
86
 
# File 'lib/hanami/config/security.rb', line 80

def x_xss_protection(value = nil)
  if value.nil?
    @x_xss_protection
  else
    @x_xss_protection = value
  end
end