class Marten::Middleware::ContentSecurityPolicy
- Marten::Middleware::ContentSecurityPolicy
- Marten::Middleware
- Reference
- Object
Overview
Sets the Content-Security-Policy header in the response if it wasn't already set.
This middleware guarantees the presence of the Content-Security-Policy header in the response's headers. This header provides clients with the ability to limit the allowed sources of different types of content.
By default, the middleware will include a Content-Security-Policy header that corresponds to the policy defined in
the content_security_policy settings. However, if a Marten::HTTP::ContentSecurityPolicy object is explicitly
assigned to the request object, it will take precedence over the default policy and be used instead.
Defined in:
marten/middleware/content_security_policy.crInstance Method Summary
-
#call(request : Marten::HTTP::Request, get_response : Proc(Marten::HTTP::Response)) : Marten::HTTP::Response
Calls the middleware for a given HTTP request and returns a HTTP response.
Instance methods inherited from class Marten::Middleware
call(request : Marten::HTTP::Request, get_response : Proc(Marten::HTTP::Response)) : Marten::HTTP::Response
call,
next : Nil | Middleware
next,
next=(next __arg0 : Nil | Middleware)
next=
Instance Method Detail
Calls the middleware for a given HTTP request and returns a HTTP response.
This method must be implemented by subclasses: it takes a request argument (the current HTTP request) and a
get_response proc that allows to get the final response. This proc might actually call the next middleware in
the chain of configured middlewares, or the final matched handler. That way, the current middleware have the
ability to intercept any incoming request and the associated response, and to modify them if applicable.