ActionDispatch::ContentSecurityPolicy
No documentation available for this class.
Constants
DEFAULT_NONCE_DIRECTIVES = %w[script-src style-src].freeze
DIRECTIVES = {\nbase_uri: "base-uri",\nchild_src: "child-src",\nconnect_src: "connect-src",\ndefault_src: "default-src",\nfont_src: "font-src",\nform_action: "form-action",\nframe_ancestors: "frame-ancestors",\nframe_src: "frame-src",\nimg_src: "img-src",\nmanifest_src: "manifest-src",\nmedia_src: "media-src",\nobject_src: "object-src",\nprefetch_src: "prefetch-src",\nrequire_trusted_types_for: "require-trusted-types-for",\nscript_src: "script-src",\nscript_src_attr: "script-src-attr",\nscript_src_elem: "script-src-elem",\nstyle_src: "style-src",\nstyle_src_attr: "style-src-attr",\nstyle_src_elem: "style-src-elem",\ntrusted_types: "trusted-types",\nworker_src: "worker-src"\n}.freeze
MAPPINGS = {\nself: "'self'",\nunsafe_eval: "'unsafe-eval'",\nunsafe_inline: "'unsafe-inline'",\nnone: "'none'",\nhttp: "http:",\nhttps: "https:",\ndata: "data:",\nmediastream: "mediastream:",\nallow_duplicates: "'allow-duplicates'",\nblob: "blob:",\nfilesystem: "filesystem:",\nreport_sample: "'report-sample'",\nscript: "'script'",\nstrict_dynamic: "'strict-dynamic'",\nws: "ws:",\nwss: "wss:"\n}.freeze
Attributes
| [R] | directives |
Files
- actionpack/lib/action_dispatch/http/content_security_policy.rb
