Contents

module CspReport
  class CspDeclarationGenerator < Rails::Generators::Base
    desc "Adds the Content-Security-Policy directive in all the responses"
    def setup_filter
      inject_into_file "app/controllers/application_controller.rb",
        after: "ApplicationController < ActionController::Base\n" do
<<-CONTENT

  before_filter :csp

  def csp
    policy =  "default *;"
    policy << "script-src 'self';"
    policy << "report-uri /\#{CspReport::MOUNT_POINT}/csp_reports"
    response.headers['Content-Security-Policy'] = policy
  end

CONTENT
        end
    end
  end
end

Version data entries

4 entries across 4 versions & 1 rubygems

Version	Path
csp_report-1.0.1	lib/generators/csp_report/csp_declaration_generator.rb
csp_report-1.0.0	lib/generators/csp_report/csp_declaration_generator.rb
csp_report-0.4.0	lib/generators/csp_report/csp_declaration_generator.rb
csp_report-0.3.0	lib/generators/csp_report/csp_declaration_generator.rb