Sha256: c9d7ca0c95666e7dd4118c43838d86dcd443730167af592f775f855c88f35d5f
Contents?: true
Size: 1.41 KB
Versions: 33
Compression:
Stored size: 1.41 KB
Contents
# frozen_string_literal: true
# rails 3.1+
if defined?(Rails::Railtie)
module SecureHeaders
class Railtie < Rails::Railtie
isolate_namespace SecureHeaders if defined? isolate_namespace # rails 3.0
conflicting_headers = ["X-Frame-Options", "X-XSS-Protection",
"X-Permitted-Cross-Domain-Policies", "X-Download-Options",
"X-Content-Type-Options", "Strict-Transport-Security",
"Content-Security-Policy", "Content-Security-Policy-Report-Only",
"Public-Key-Pins", "Public-Key-Pins-Report-Only", "Referrer-Policy"]
initializer "secure_headers.middleware" do
Rails.application.config.middleware.insert_before 0, SecureHeaders::Middleware
end
rake_tasks do
load File.expand_path(File.join("..", "..", "lib", "tasks", "tasks.rake"), File.dirname(__FILE__))
end
initializer "secure_headers.action_controller" do
ActiveSupport.on_load(:action_controller) do
include SecureHeaders
unless Rails.application.config.action_dispatch.default_headers.nil?
conflicting_headers.each do |header|
Rails.application.config.action_dispatch.default_headers.delete(header)
end
end
end
end
end
end
else
module ActionController
class Base
include SecureHeaders
end
end
end
Version data entries
33 entries across 33 versions & 1 rubygems