Diffstat (limited to 'actionpack/lib/action_controller/metal/content_security_policy.rb')
-rw-r--r--actionpack/lib/action_controller/metal/content_security_policy.rb12
1 files changed, 10 insertions, 2 deletions
diff --git a/actionpack/lib/action_controller/metal/content_security_policy.rb b/actionpack/lib/action_controller/metal/content_security_policy.rb
index 95f2f3242d..b8fab4ebe3 100644
--- a/actionpack/lib/action_controller/metal/content_security_policy.rb
+++ b/actionpack/lib/action_controller/metal/content_security_policy.rb
@@ -14,13 +14,17 @@ module ActionController #:nodoc:
end
module ClassMethods
- def content_security_policy(**options, &block)
+ def content_security_policy(enabled = true, **options, &block)
before_action(options) do
if block_given?
- policy = request.content_security_policy.clone
+ policy = current_content_security_policy
yield policy
request.content_security_policy = policy
end
+
+ unless enabled
+ request.content_security_policy = nil
+ end
end
end
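Review bot: The `unless enabled` check runs after the block branch, so `content_security_policy(false) { |p| ... }` evaluates the block and then discards its result, and any falsy first argument (for example a `nil` from an unset config value) clears the policy for every action the `before_action` options match. Because clearing the policy is a security-relevant switch, I would reject the ambiguous combination up front, e.g. `raise ArgumentError, "cannot pass a block when disabling the policy" if block_given? && !enabled` as the first line of the method. A doc comment should also say that `content_security_policy false, only: :index` sets the request's policy to nil for those actions (presumably meaning no header is emitted at all) rather than relaxing individual directives. The enclosing `ClassMethods` module continues outside the hunk.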
@@ -40,5 +44,9 @@ module ActionController #:nodoc:
def content_security_policy_nonce
request.content_security_policy_nonce
end
+
+ def current_content_security_policy
+ request.content_security_policy.try(:clone) || ActionDispatch::ContentSecurityPolicy.new
+ end
end
end
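Review bot: `current_content_security_policy` has no comment explaining its fallback: when the request carries no policy it returns an empty `ActionDispatch::ContentSecurityPolicy.new`, so a controller block then produces a policy holding only the directives it sets itself, with no `default-src` baseline unless the block adds one. I would document that, e.g. `# Returns a copy of the request's policy, or an empty policy when none is configured; the block must set every directive it relies on.` `.try(:clone)` also returns nil silently for an object that does not respond to `clone`; `request.content_security_policy&.clone` states the nil case more directly, if the supported Ruby versions allow it. Whether this helper sits under `private` is not visible in the hunk; it should, since public controller methods are routable as actions.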