module Marten::Handlers::ContentSecurityPolicy::ClassMethods
Defined in:
marten/handlers/concerns/content_security_policy.crInstance Method Summary
-
#content_security_policy(&content_security_policy_block : HTTP::ContentSecurityPolicy -> )
Allows to define a custom Content-Security-Policy that will be used for the considered handler only.
-
#exempt_from_content_security_policy(exempt : Bool) : Nil
Allows to define whether or not the handler responses should be exempted from using Content-Security-Policy.
-
#exempt_from_content_security_policy?
Returns a boolean indicating if the handler is exempted from using the Content-Security-Policy header.
Instance Method Detail
Allows to define a custom Content-Security-Policy that will be used for the considered handler only.
This method yields a Marten::HTTP::ContentSecurityPolicy object that you can use to fully configure the
directives that get inserted in the Content-Security-Policy header.
class MyHandler < Marten::Handler
content_security_policy do |csp|
csp.default_src = {:self, "example.com"}
end
endAllows to define whether or not the handler responses should be exempted from using Content-Security-Policy.
Note that this method is only useful when the Marten::Middleware::ContentSecurityPolicy middleware is being
used.
Returns a boolean indicating if the handler is exempted from using the Content-Security-Policy header.