module SecureHeaders::DynamicConfig

Public Class Methods

included(base) click to toggle source
# File lib/secure_headers/headers/content_security_policy_config.rb, line 4
def self.included(base)
  base.send(:attr_reader, *base.attrs)
  base.attrs.each do |attr|
    base.send(:define_method, "#{attr}=") do |value|
      if self.class.attrs.include?(attr)
        write_attribute(attr, value)
      else
        raise ContentSecurityPolicyConfigError, "Unknown config directive: #{attr}=#{value}"
      end
    end
  end
end
new(hash) click to toggle source
# File lib/secure_headers/headers/content_security_policy_config.rb, line 17
def initialize(hash)
  @base_uri = nil
  @block_all_mixed_content = nil
  @child_src = nil
  @connect_src = nil
  @default_src = nil
  @font_src = nil
  @form_action = nil
  @frame_ancestors = nil
  @frame_src = nil
  @img_src = nil
  @manifest_src = nil
  @media_src = nil
  @navigate_to = nil
  @object_src = nil
  @plugin_types = nil
  @prefetch_src = nil
  @preserve_schemes = nil
  @report_only = nil
  @report_uri = nil
  @require_sri_for = nil
  @require_trusted_types_for = nil
  @sandbox = nil
  @script_nonce = nil
  @script_src = nil
  @script_src_elem = nil
  @script_src_attr = nil
  @style_nonce = nil
  @style_src = nil
  @style_src_elem = nil
  @style_src_attr = nil
  @trusted_types = nil
  @worker_src = nil
  @upgrade_insecure_requests = nil
  @disable_nonce_backwards_compatibility = nil

  from_hash(hash)
end

Public Instance Methods

==(o) click to toggle source
# File lib/secure_headers/headers/content_security_policy_config.rb, line 95
def ==(o)
  self.class == o.class && self.to_h == o.to_h
end
[](directive)
Alias for: directive_value
[]=(directive, value)
Alias for: update_directive
append(new_hash) click to toggle source
# File lib/secure_headers/headers/content_security_policy_config.rb, line 76
def append(new_hash)
  from_hash(ContentSecurityPolicy.combine_policies(self.to_h, new_hash))
end
directive_value(directive) click to toggle source
# File lib/secure_headers/headers/content_security_policy_config.rb, line 60
def directive_value(directive)
  if self.class.attrs.include?(directive)
    self.send(directive)
  end
end
Also aliased as: []
dup() click to toggle source
# File lib/secure_headers/headers/content_security_policy_config.rb, line 87
def dup
  self.class.new(self.to_h)
end
merge(new_hash) click to toggle source
# File lib/secure_headers/headers/content_security_policy_config.rb, line 66
def merge(new_hash)
  new_config = self.dup
  new_config.send(:from_hash, new_hash)
  new_config
end
merge!(new_hash) click to toggle source
# File lib/secure_headers/headers/content_security_policy_config.rb, line 72
def merge!(new_hash)
  from_hash(new_hash)
end
opt_out?() click to toggle source
# File lib/secure_headers/headers/content_security_policy_config.rb, line 91
def opt_out?
  false
end
to_h() click to toggle source
# File lib/secure_headers/headers/content_security_policy_config.rb, line 80
def to_h
  self.class.attrs.each_with_object({}) do |key, hash|
    value = self.send(key)
    hash[key] = value unless value.nil?
  end
end
update_directive(directive, value) click to toggle source
# File lib/secure_headers/headers/content_security_policy_config.rb, line 56
def update_directive(directive, value)
  self.send("#{directive}=", value)
end
Also aliased as: []=

Private Instance Methods

from_hash(hash) click to toggle source
# File lib/secure_headers/headers/content_security_policy_config.rb, line 103
def from_hash(hash)
  hash.each_pair do |k, v|
    next if v.nil?

    if self.class.attrs.include?(k)
      write_attribute(k, v)
    else
      raise ContentSecurityPolicyConfigError, "Unknown config directive: #{k}=#{v}"
    end
  end
end
write_attribute(attr, value) click to toggle source
# File lib/secure_headers/headers/content_security_policy_config.rb, line 115
def write_attribute(attr, value)
  value = value.dup if PolicyManagement::DIRECTIVE_VALUE_TYPES[attr] == :source_list
  attr_variable = "@#{attr}"
  self.instance_variable_set(attr_variable, value)
end