lib/roda/plugins/content_security_policy.rb in roda-3.69.0 vs lib/roda/plugins/content_security_policy.rb in roda-3.70.0

@@ -198,11 +198,11 @@
           super
         end
 
         # The header name to use, depends on whether report only mode has been enabled.
         def header_key
-          @report_only ? 'Content-Security-Policy-Report-Only' : 'Content-Security-Policy'
+          @report_only ? RodaResponseHeaders::CONTENT_SECURITY_POLICY_REPORT_ONLY : RodaResponseHeaders::CONTENT_SECURITY_POLICY
         end
 
         # The header value to use.
         def header_value
           return @header_value if @header_value
@@ -307,10 +307,10 @@
         private
 
         # Set the appropriate content security policy header.
         def set_default_headers
           super
-          (@content_security_policy || roda_class.opts[:content_security_policy]).set_header(@headers)
+          (@content_security_policy || roda_class.opts[:content_security_policy]).set_header(headers)
         end
       end
     end
 
     register_plugin(:content_security_policy, ContentSecurityPolicy)