Class: Brut::FrontEnd::RouteHooks::CSPNoInlineStylesOrScripts

Inherits:

Brut::FrontEnd::RouteHook

Object
Brut::FrontEnd::RouteHook
Brut::FrontEnd::RouteHooks::CSPNoInlineStylesOrScripts

show all

Defined in:: lib/brut/front_end/route_hooks/csp_no_inline_styles_or_scripts.rb

Overview

Sets content security policy headers that forbid inline scripts and inline styles.

Direct Known Subclasses

ReportOnly

Defined Under Namespace

Classes: ReportOnly

Instance Method Summary collapse

#after(response:) ⇒ Object

Instance Method Details

#after(response:) ⇒ `Object`

# File 'lib/brut/front_end/route_hooks/csp_no_inline_styles_or_scripts.rb', line 6

def after(response:)
  response.headers["Content-Security-Policy"] = header_value
  continue
end

Class: Brut::FrontEnd::RouteHooks::CSPNoInlineStylesOrScripts

Overview

Direct Known Subclasses

Defined Under Namespace

Instance Method Summary collapse

Methods inherited from Brut::FrontEnd::RouteHook

Methods included from Brut::Framework::Errors

Methods included from HandlingResults

Instance Method Details

#after(response:) ⇒ Object

#after(response:) ⇒ `Object`