Module: SecureHeaders::ClassMethods

Defined in:

lib/secure_headers.rb

Instance Attribute Summary

• #secure_headers_options ⇒ Object

Instance Method Summary

• #ensure_security_headers(options = {}) ⇒ Object
• #options_for(type, options) ⇒ Object

  we can’t use ||= because I’m overloading false => disable, nil => default both of which trigger the conditional assignment.

Instance Attribute Details

#secure_headers_options ⇒ Object

# File 'lib/secure_headers.rb', line 31

def secure_headers_options
  if @secure_headers_options
    @secure_headers_options
  elsif superclass.respond_to?(:secure_headers_options) # stop at application_controller
    superclass.secure_headers_options
  else
    {}
  end
end

Instance Method Details

#ensure_security_headers(options = {}) ⇒ Object

# File 'lib/secure_headers.rb', line 41

def ensure_security_headers options = {}
  self.secure_headers_options = options
  before_filter :prep_script_hash
  before_filter :set_hsts_header
  before_filter :set_hpkp_header
  before_filter :set_x_frame_options_header
  before_filter :set_csp_header
  before_filter :set_x_xss_protection_header
  before_filter :set_x_content_type_options_header
  before_filter :set_x_download_options_header
  before_filter :set_x_permitted_cross_domain_policies_header
end

#options_for(type, options) ⇒ Object

we can’t use ||= because I’m overloading false => disable, nil => default both of which trigger the conditional assignment

# File 'lib/secure_headers.rb', line 56

def options_for(type, options)
  options.nil? ? ::SecureHeaders::Configuration.send(type) : options
end