Sha256: f1a874e6f417961eec1d378767e5e167276c417486a2504732ae405146ab9922
Contents?: true
Size: 1.36 KB
Versions: 1
Compression:
Stored size: 1.36 KB
Contents
# rails 3.1+
if defined?(Rails::Railtie)
module SecureHeaders
class Railtie < Rails::Railtie
isolate_namespace SecureHeaders if defined? isolate_namespace # rails 3.0
conflicting_headers = ['X-Frame-Options', 'X-XSS-Protection',
'X-Permitted-Cross-Domain-Policies', 'X-Download-Options',
'X-Content-Type-Options', 'Strict-Transport-Security',
'Content-Security-Policy', 'Content-Security-Policy-Report-Only',
'Public-Key-Pins', 'Public-Key-Pins-Report-Only']
initializer "secure_headers.middleware" do
Rails.application.config.middleware.insert_before 0, SecureHeaders::Middleware
end
rake_tasks do
load File.expand_path(File.join('..', '..', 'lib', 'tasks', 'tasks.rake'), File.dirname(__FILE__))
end
initializer "secure_headers.action_controller" do
ActiveSupport.on_load(:action_controller) do
include SecureHeaders
unless Rails.application.config.action_dispatch.default_headers.nil?
conflicting_headers.each do |header|
Rails.application.config.action_dispatch.default_headers.delete(header)
end
end
end
end
end
end
else
module ActionController
class Base
include SecureHeaders
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| secure_headers-3.2.0 | lib/secure_headers/railtie.rb |