Sha256: 83e3aa65288729d63a2534705c5ebd57b27777004c056721d302f6bb2489f699
Contents?: true
Size: 1.15 KB
Versions: 18
Compression:
Stored size: 1.15 KB
Contents
# rails 3.1+
if defined?(Rails::Railtie)
module SecureHeaders
class Railtie < Rails::Engine
isolate_namespace ::SecureHeaders if defined? isolate_namespace # rails 3.0
conflicting_headers = ['X-Frame-Options', 'X-XSS-Protection', 'X-Content-Type-Options',
'X-Permitted-Cross-Domain-Policies', 'X-Download-Options',
'X-Content-Type-Options', 'Strict-Transport-Security',
'Content-Security-Policy', 'Content-Security-Policy-Report-Only',
'X-Permitted-Cross-Domain-Policies','Public-Key-Pins','Public-Key-Pins-Report-Only']
initializer "secure_headers.action_controller" do
ActiveSupport.on_load(:action_controller) do
include ::SecureHeaders
unless Rails.application.config.action_dispatch.default_headers.nil?
conflicting_headers.each do |header|
Rails.application.config.action_dispatch.default_headers.delete(header)
end
end
end
end
end
end
else
module ActionController
class Base
include ::SecureHeaders
end
end
end
Version data entries
18 entries across 18 versions & 1 rubygems