Class: Pah::Templates::SecureHeader

Inherits:
Pah::Template
  • Object
show all
Defined in:
lib/pah/templates/secure_headers.rb

Instance Method Summary collapse

Methods inherited from Pah::Template

#ask_unless_test, #copy_static_file, #git_commit, #static_files, #will_you_like_to?

Instance Method Details

#callObject 



4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
 
# File 'lib/pah/templates/secure_headers.rb', line 4

def call
  content = <<EOF

  ensure_security_headers # See more: https://github.com/twitter/secureheaders
EOF

  inject_into_file 'app/controllers/application_controller.rb', content, after: 'with: :exception', verbose: false

  create_file 'config/initializers/secure_headers.rb' do
    <<-EOF
::SecureHeaders::Configuration.configure do |config|
  config.hsts = {:max_age => 20.years.to_i, :include_subdomains => true}
  config.x_frame_options = 'DENY'
  config.x_content_type_options = "nosniff"
  config.x_xss_protection = {:value => 1, :mode => 'block'}
  config.csp = false
end
EOF
  end
  git add: 'app/controllers/application_controller.rb'
  git add: 'config/initializers/secure_headers.rb'
  git_commit 'Add secure headers.'
end