Class: Hanami::Config::Security Private
- Inherits:
-
Object
- Object
- Hanami::Config::Security
- Defined in:
- lib/hanami/config/security.rb
Overview
This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.
Security policies are stored here.
Constant Summary collapse
- X_FRAME_OPTIONS_HEADER =
This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.
'X-Frame-Options'.freeze
- X_CONTENT_TYPE_OPTIONS_HEADER =
This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.
'X-Content-Type-Options'.freeze
- X_XSS_PROTECTION_HEADER =
This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.
'X-XSS-Protection'.freeze
- CONTENT_SECURITY_POLICY_HEADER =
This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.
'Content-Security-Policy'.freeze
- SEPARATOR =
This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.
';'.freeze
- SPACED_SEPARATOR =
This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.
"#{ SEPARATOR } ".freeze
Instance Method Summary collapse
-
#content_security_policy(value = nil) ⇒ Object
private
Content-Policy-Security headers’ value.
-
#x_content_type_options(value = nil) ⇒ Object
private
X-Content-Type-Options headers’ value.
-
#x_frame_options(value = nil) ⇒ Object
private
X-Frame-Options headers’ value.
-
#x_xss_protection(value = nil) ⇒ Object
private
X-XSS-Protection headers’ value.
Instance Method Details
#content_security_policy(value) ⇒ Object #content_security_policy ⇒ String
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Content-Policy-Security headers’ value
101 102 103 104 105 106 107 |
# File 'lib/hanami/config/security.rb', line 101 def content_security_policy(value = nil) if value.nil? @content_security_policy else @content_security_policy = value.split(SEPARATOR).map(&:strip).join(SPACED_SEPARATOR) end end |
#x_content_type_options(value) ⇒ Object #x_content_type_options ⇒ String
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
X-Content-Type-Options headers’ value
63 64 65 66 67 68 69 |
# File 'lib/hanami/config/security.rb', line 63 def (value = nil) if value.nil? @x_content_type_options else @x_content_type_options = value end end |
#x_frame_options(value) ⇒ Object #x_frame_options ⇒ String
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
X-Frame-Options headers’ value
44 45 46 47 48 49 50 |
# File 'lib/hanami/config/security.rb', line 44 def (value = nil) if value.nil? @x_frame_options else @x_frame_options = value end end |
#x_xss_protection(value) ⇒ Object #x_xss_protection ⇒ String
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
X-XSS-Protection headers’ value
82 83 84 85 86 87 88 |
# File 'lib/hanami/config/security.rb', line 82 def x_xss_protection(value = nil) if value.nil? @x_xss_protection else @x_xss_protection = value end end |