Class: Rack::SecureHeaders
- Inherits:
-
Object
- Object
- Rack::SecureHeaders
- Defined in:
- lib/rack/secure_headers.rb,
lib/rack/secure_headers/version.rb
Constant Summary collapse
- DEFAULTS =
{ hsts: { max_age: "31536000", include_subdomains: true }, x_content_type_options: "nosniff", x_frame_options: "SAMEORIGIN", x_permitted_cross_domain_policies: "none", x_xss_protection: "1; mode=block" }
- VERSION =
"0.0.3"
Instance Method Summary collapse
- #call(env) ⇒ Object
-
#initialize(app, options = {}) ⇒ SecureHeaders
constructor
A new instance of SecureHeaders.
Constructor Details
#initialize(app, options = {}) ⇒ SecureHeaders
Returns a new instance of SecureHeaders.
13 14 15 16 17 18 19 20 21 22 |
# File 'lib/rack/secure_headers.rb', line 13 def initialize(app, = {}) = DEFAULTS.merge() @app = app @headers = base_headers() if [:hsts] @headers["Strict-Transport-Security"] = hsts_header([:hsts]) end end |
Instance Method Details
#call(env) ⇒ Object
24 25 26 27 28 29 30 |
# File 'lib/rack/secure_headers.rb', line 24 def call(env) return @app.call(env).tap do |_, headers, _| @headers.each do |key, value| headers[key] ||= value end end end |