Sha256: 9bb5bf6da1a41bcfe6b9877febdb53df018bcc6e8ba6efb05895cf5b7af27e84
Contents?: true
Size: 1.32 KB
Versions: 1
Compression:
Stored size: 1.32 KB
Contents
# frozen_string_literal: true
module SecureHeaders
class ReferrerPolicyConfigError < StandardError; end
class ReferrerPolicy
HEADER_NAME = "referrer-policy".freeze
DEFAULT_VALUE = "origin-when-cross-origin"
VALID_POLICIES = %w(
no-referrer
no-referrer-when-downgrade
same-origin
strict-origin
strict-origin-when-cross-origin
origin
origin-when-cross-origin
unsafe-url
)
class << self
# Public: generate an Referrer Policy header.
#
# Returns a default header if no configuration is provided, or a
# header name and value based on the config.
def make_header(config = nil, user_agent = nil)
return if config == OPT_OUT
config ||= DEFAULT_VALUE
[HEADER_NAME, Array(config).join(", ")]
end
def validate_config!(config)
case config
when nil, OPT_OUT
# valid
when String, Array
config = Array(config)
unless config.all? { |t| t.is_a?(String) && VALID_POLICIES.include?(t.downcase) }
raise ReferrerPolicyConfigError.new("Value can only be one or more of #{VALID_POLICIES.join(", ")}")
end
else
raise TypeError.new("Must be a string or array of strings. Found #{config.class}: #{config}")
end
end
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| secure_headers-7.1.0 | lib/secure_headers/headers/referrer_policy.rb |