Module: ActionController::PermissionsPolicy
| Relationships & Source Files | |
| Namespace Children | |
|
Modules:
| |
| Extension / Inclusion / Inheritance Descendants | |
|
Included In:
Base,
::ActionView::TestCase::TestController,
Rails::ApplicationController,
Rails::InfoController,
Rails::MailersController,
Rails::WelcomeController
| |
| Super Chains via Extension / Inclusion / Inheritance | |
|
Class Chain:
self,
::ActiveSupport::Concern
|
|
| Defined in: | actionpack/lib/action_controller/metal/permissions_policy.rb |
Overview
HTTP Permissions Policy is a web standard for defining a mechanism to allow and deny the use of browser permissions in its own context, and in content within any <iframe> elements in the document.
Full details of HTTP Permissions Policy specification and guidelines can be found at MDN:
developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy
Examples of usage:
# Global policy
Rails.application.config. do |f|
f.camera :none
f.gyroscope :none
f.microphone :none
f.usb :none
f.fullscreen :self
f.payment :self, "https://secure.example.com"
end
# Controller level policy
class PagesController < ApplicationController
do |p|
p.geolocation "https://example.com"
end
endClass Method Summary
::ActiveSupport::Concern - Extended
| class_methods | Define class methods from given block. |
| included | Evaluate given block in context of base class, so that you can write class macros here. |
| prepended | Evaluate given block in context of base class, so that you can write class macros here. |