Sha256: db3ec1ddf8cebb15f6b939974367f34e1c5e6db7bc1b7fd06e8c208ee57ab07d
Contents?: true
Size: 1.45 KB
Versions: 2
Compression:
Stored size: 1.45 KB
Contents
## Content Security Policy
[](http://travis-ci.org/p0deje/content-security-policy)
Implementation of Content Security Policy as Rack middleware.
More information about Content Security Policy - http://www.w3.org/TR/CSP/.
## Installation
Install as usually `gem install content-security-policy`
## Usage
Add Content Security Policy to your Rack configuration `config.ru`.
```ruby
require 'content-security-policy'
ContentSecurityPolicy.configure do |csp|
csp['default-src'] = "'self'"
csp['script-src'] = '*.example.com'
end
use ContentSecurityPolicy
run MyApplication
```
You can also pass directives during initialization.
```ruby
require 'content-security-policy'
use ContentSecurityPolicy, :directives => { 'policy-uri' => 'policy.xml' }
run MyApplication
```
You can also use report-only mode.
```ruby
require 'content-security-policy'
ContentSecurityPolicy.configure do |csp|
csp.report_only = true
csp['default-src'] = "'self'"
csp['script-src'] = '*.example.com'
end
use ContentSecurityPolicy
run MyApplication
```
```ruby
require 'content-security-policy'
use ContentSecurityPolicy, :directives => { 'policy-uri' => 'policy.xml' }, :report_only => true
run MyApplication
```
## Status
Content Security Policy is now implemented with `X-Content-Security-Policy` and `X-WebKit-CSP` headers.
## Copyright
Copyright (c) 2012 Alexey Rodionov. See LICENSE for details.
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| content-security-policy-0.1.2 | README.md |
| content-security-policy-0.1.1 | README.md |