class SecureHeaders::XPermittedCrossDomainPolicies

Constants

DEFAULT_VALUE
HEADER_NAME
VALID_POLICIES

Public Class Methods

make_header(config = nil, user_agent = nil) click to toggle source

Public: generate an X-Permitted-Cross-Domain-Policies header.

Returns a default header if no configuration is provided, or a header name and value based on the config.

# File lib/secure_headers/headers/x_permitted_cross_domain_policies.rb, line 14
def make_header(config = nil, user_agent = nil)
  return if config == OPT_OUT
  [HEADER_NAME, config || DEFAULT_VALUE]
end
validate_config!(config) click to toggle source
# File lib/secure_headers/headers/x_permitted_cross_domain_policies.rb, line 19
def validate_config!(config)
  return if config.nil? || config == OPT_OUT
  raise TypeError.new("Must be a string. Found #{config.class}: #{config}") unless config.is_a?(String)
  unless VALID_POLICIES.include?(config.downcase)
    raise XPCDPConfigError.new("Value can only be one of #{VALID_POLICIES.join(', ')}")
  end
end