diff options
| author | Yuji Yaginuma <yuuji.yaginuma@gmail.com> | 2019-02-16 11:58:35 +0900 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-02-16 11:58:35 +0900 |
| commit | f851e4a5db06d3d18935709ace49d7900dbb6860 (patch) | |
| tree | ab345e593670099d19164f8fc8535db04372b7f5 | |
| parent | 3aa3c0684d3bd748be9e85d25616a8a7a1ab7755 (diff) | |
| parent | 96937335d105c684bd271f8fd427ee20f2b3aaf6 (diff) | |
| download | rails-f851e4a5db06d3d18935709ace49d7900dbb6860.tar.gz rails-f851e4a5db06d3d18935709ace49d7900dbb6860.tar.bz2 rails-f851e4a5db06d3d18935709ace49d7900dbb6860.zip | |
Merge pull request #35269 from y-yagi/allow_to_pass_options_to_csp_meta_tag
Allow to pass options to `csp_meta_tag`
| -rw-r--r-- | actionview/lib/action_view/helpers/csp_helper.rb | 6 | ||||
| -rw-r--r-- | actionview/test/template/csp_helper_test.rb | 4 |
2 files changed, 8 insertions, 2 deletions
diff --git a/actionview/lib/action_view/helpers/csp_helper.rb b/actionview/lib/action_view/helpers/csp_helper.rb index e2e065c218..4415018845 100644 --- a/actionview/lib/action_view/helpers/csp_helper.rb +++ b/actionview/lib/action_view/helpers/csp_helper.rb @@ -14,9 +14,11 @@ module ActionView # This is used by the Rails UJS helper to create dynamically # loaded inline <script> elements. # - def csp_meta_tag + def csp_meta_tag(**options) if content_security_policy? - tag("meta", name: "csp-nonce", content: content_security_policy_nonce) + options[:name] = "csp-nonce" + options[:content] = content_security_policy_nonce + tag("meta", options) end end end diff --git a/actionview/test/template/csp_helper_test.rb b/actionview/test/template/csp_helper_test.rb index 8bad25ba7d..1b7fd4665f 100644 --- a/actionview/test/template/csp_helper_test.rb +++ b/actionview/test/template/csp_helper_test.rb @@ -16,6 +16,10 @@ class CspHelperWithCspEnabledTest < ActionView::TestCase def test_csp_meta_tag assert_equal "<meta name=\"csp-nonce\" content=\"iyhD0Yc0W+c=\" />", csp_meta_tag end + + def test_csp_meta_tag_with_options + assert_equal "<meta property=\"csp-nonce\" name=\"csp-nonce\" content=\"iyhD0Yc0W+c=\" />", csp_meta_tag(property: "csp-nonce") + end end class CspHelperWithCspDisabledTest < ActionView::TestCase |