class SecureHeaders::XXssProtection
Public Class Methods
new(config=nil)
click to toggle source
# File lib/secure_headers/headers/x_xss_protection.rb, line 11 def initialize(config=nil) @config = config validate_config unless @config.nil? end
Public Instance Methods
name()
click to toggle source
# File lib/secure_headers/headers/x_xss_protection.rb, line 16 def name X_XSS_PROTECTION_HEADER_NAME end
value()
click to toggle source
# File lib/secure_headers/headers/x_xss_protection.rb, line 20 def value case @config when NilClass DEFAULT_VALUE when String @config else value = @config[:value].to_s value += "; mode=#{@config[:mode]}" if @config[:mode] value += "; report=#{@config[:report_uri]}" if @config[:report_uri] value end end
Private Instance Methods
validate_config()
click to toggle source
# File lib/secure_headers/headers/x_xss_protection.rb, line 36 def validate_config if @config.is_a? Hash if !@config[:value] raise XXssProtectionBuildError.new(":value key is missing") elsif @config[:value] unless [0,1].include?(@config[:value].to_i) raise XXssProtectionBuildError.new(":value must be 1 or 0") end if @config[:mode] && @config[:mode].casecmp('block') != 0 raise XXssProtectionBuildError.new(":mode must nil or 'block'") end end elsif @config.is_a? String raise XXssProtectionBuildError.new("Invalid format (see VALID_X_XSS_HEADER)") unless @config =~ VALID_X_XSS_HEADER end end