Sha256: 2b68a2bbaa8c641148c4ae9bff042969bff4f1335624282efef774fa88aee50c
Contents?: true
Size: 1.03 KB
Versions: 1
Compression:
Stored size: 1.03 KB
Contents
# frozen_string_literal: true
module SecureHeaders
class XPCDPConfigError < StandardError; end
class XPermittedCrossDomainPolicies
HEADER_NAME = "x-permitted-cross-domain-policies".freeze
DEFAULT_VALUE = "none"
VALID_POLICIES = %w(all none master-only by-content-type by-ftp-filename)
class << self
# Public: generate an x-permitted-cross-domain-policies header.
#
# Returns a default header if no configuration is provided, or a
# header name and value based on the config.
def make_header(config = nil, user_agent = nil)
return if config == OPT_OUT
[HEADER_NAME, config || DEFAULT_VALUE]
end
def validate_config!(config)
return if config.nil? || config == OPT_OUT
raise TypeError.new("Must be a string. Found #{config.class}: #{config}") unless config.is_a?(String)
unless VALID_POLICIES.include?(config.downcase)
raise XPCDPConfigError.new("Value can only be one of #{VALID_POLICIES.join(', ')}")
end
end
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| secure_headers-7.1.0 | lib/secure_headers/headers/x_permitted_cross_domain_policies.rb |