Module: ContentSecurityPolicyPatch

Included in:
BaseActionController
Defined in:
app/controllers/concerns/content_security_policy_patch.rb

Overview

TEMPORARY PATCH - REMOVE AFTER RAILS 7.2 MIGRATION IS COMPLETE

This patch provides backwards compatibility for content_security_policy_with_context during the Rails 7.2 upgrade process.

TODO: Remove this entire file once all controllers have been updated to use the native content_security_policy method instead of content_security_policy_with_context.

Migration steps:

  1. Update all controllers to use content_security_policy instead of content_security_policy_with_context

  2. Remove this file

Instance Method Summary collapse

Instance Method Details

#content_security_policy_with_context(enabled = true, **options, &block) ⇒ Object 



16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
 
# File 'app/controllers/concerns/content_security_policy_patch.rb', line 16

def content_security_policy_with_context(enabled = true, **options, &block)
  if Rails.gem_version >= Gem::Version.new("7.2")
    # For Rails 7.2+, redirect to the native implementation
    content_security_policy(enabled, **options, &block)
  else
    # Original patch implementation for Rails < 7.2
    before_action(options) do
      if block
        policy = current_content_security_policy
        instance_exec(policy, &block)
        request.content_security_policy = policy
      end

      request.content_security_policy = nil unless enabled
    end
  end
end