Class: Gitlab::Middleware::SecureHeaders

Inherits:

Object

Object
Gitlab::Middleware::SecureHeaders

show all

Defined in:: lib/gitlab/middleware/secure_headers.rb

Instance Method Summary collapse

#call(env) ⇒ Object
#initialize(app) ⇒ SecureHeaders constructor

A new instance of SecureHeaders.

Constructor Details

#initialize(app) ⇒ `SecureHeaders`

Returns a new instance of SecureHeaders.



6
7
8

# File 'lib/gitlab/middleware/secure_headers.rb', line 6

def initialize(app)
  @app = app
end

Instance Method Details

#call(env) ⇒ `Object`

# File 'lib/gitlab/middleware/secure_headers.rb', line 10

def call(env)
  status, headers, body = @app.call(env)

  # Remove NEL policy from the policy cache by setting max_age to 0.
  # https://w3c.github.io/network-error-logging/#the-max_age-member
  # https://w3c.github.io/network-error-logging/#example-2
  headers['NEL'] = '{"max_age": 0}'

  [status, headers, body]
end