Class: Hanami::Config::Security Private

Inherits:
Object
  • Object
show all
Defined in:
lib/hanami/config/security.rb

Overview

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

Security policies are stored here.

Since:

  • 0.3.0

Constant Summary collapse

X_FRAME_OPTIONS_HEADER =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

Since:

  • 0.3.0

'X-Frame-Options'.freeze
X_CONTENT_TYPE_OPTIONS_HEADER =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

Since:

  • 0.8.0

'X-Content-Type-Options'.freeze
X_XSS_PROTECTION_HEADER =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

Since:

  • 0.8.0

'X-XSS-Protection'.freeze
CONTENT_SECURITY_POLICY_HEADER =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

Since:

  • 0.3.0

'Content-Security-Policy'.freeze
SEPARATOR =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

Since:

  • 0.8.0

';'.freeze
SPACED_SEPARATOR =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

Since:

  • 0.8.0

"#{ SEPARATOR } ".freeze

Instance Method Summary collapse

Instance Method Details

#content_security_policy(value) ⇒ Object #content_security_policyString

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Content-Policy-Security headers' value

Overloads:

  • #content_security_policy(value) ⇒ Object

    Sets the given value

  • #content_security_policyString

    Gets the value

Since:

  • 0.3.0


101
102
103
104
105
106
107
# File 'lib/hanami/config/security.rb', line 101

def content_security_policy(value = nil)
  if value.nil?
    @content_security_policy
  else
    @content_security_policy = value.split(SEPARATOR).map(&:strip).join(SPACED_SEPARATOR)
  end
end

#x_content_type_options(value) ⇒ Object #x_content_type_optionsString

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

X-Content-Type-Options headers' value

Overloads:

  • #x_content_type_options(value) ⇒ Object

    Sets the given value

  • #x_content_type_optionsString

    Gets the value

Since:

  • 0.8.0


63
64
65
66
67
68
69
# File 'lib/hanami/config/security.rb', line 63

def x_content_type_options(value = nil)
  if value.nil?
    @x_content_type_options
  else
    @x_content_type_options = value
  end
end

#x_frame_options(value) ⇒ Object #x_frame_optionsString

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

X-Frame-Options headers' value

Overloads:

  • #x_frame_options(value) ⇒ Object

    Sets the given value

  • #x_frame_optionsString

    Gets the value

Since:

  • 0.3.0


44
45
46
47
48
49
50
# File 'lib/hanami/config/security.rb', line 44

def x_frame_options(value = nil)
  if value.nil?
    @x_frame_options
  else
    @x_frame_options = value
  end
end

#x_xss_protection(value) ⇒ Object #x_xss_protectionString

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

X-XSS-Protection headers' value

Overloads:

  • #x_xss_protection(value) ⇒ Object

    Sets the given value

  • #x_xss_protectionString

    Gets the value

Since:

  • 0.8.0


82
83
84
85
86
87
88
# File 'lib/hanami/config/security.rb', line 82

def x_xss_protection(value = nil)
  if value.nil?
    @x_xss_protection
  else
    @x_xss_protection = value
  end
end