Contents

module SecureHeaders
  class XFOBuildError < StandardError; end
  class XFrameOptions
    module Constants
      XFO_HEADER_NAME = "X-FRAME-OPTIONS"
      DEFAULT_VALUE = 'SAMEORIGIN'
      VALID_XFO_HEADER = /\A(SAMEORIGIN\z|DENY\z|ALLOW-FROM:)/i
    end
    include Constants

    def initialize(config = nil)
      @config = config
      validate_config unless @config.nil?
    end

    def name
      XFO_HEADER_NAME
    end

    def value
      case @config
      when NilClass
        DEFAULT_VALUE
      when String
        @config
      else
        @config[:value]
      end
    end

    private

    def validate_config
      value = @config.is_a?(Hash) ? @config[:value] : @config
      unless value =~ VALID_XFO_HEADER
        raise XFOBuildError.new("Value must be SAMEORIGIN|DENY|ALLOW-FROM:")
      end
    end
  end
end

Version data entries

9 entries across 9 versions & 1 rubygems

Version	Path
secure_headers-0.4.3	lib/secure_headers/headers/x_frame_options.rb
secure_headers-0.4.2	lib/secure_headers/headers/x_frame_options.rb
secure_headers-0.4.1	lib/secure_headers/headers/x_frame_options.rb
secure_headers-0.4.0	lib/secure_headers/headers/x_frame_options.rb
secure_headers-0.3.0	lib/secure_headers/headers/x_frame_options.rb
secure_headers-0.2.1	lib/secure_headers/headers/x_frame_options.rb
secure_headers-0.2.0	lib/secure_headers/headers/x_frame_options.rb
secure_headers-0.1.1	lib/secure_headers/headers/x_frame_options.rb
secure_headers-0.1.0	lib/secure_headers/headers/x_frame_options.rb