123456789_123456789_123456789_123456789_123456789_

Class: ActionDispatch::PermissionsPolicy

Relationships & Source Files
Namespace Children
Modules:
Classes:
Inherits: Object
Defined in: actionpack/lib/action_dispatch/http/permissions_policy.rb

Overview

Configures the HTTP Feature-Policy response header to specify which browser features the current document and its iframes can use.

Example global policy:

Rails.application.config.permissions_policy do |policy|
  policy.camera      :none
  policy.gyroscope   :none
  policy.microphone  :none
  policy.usb         :none
  policy.fullscreen  :self
  policy.payment     :self, "https://secure.example.com"
end

The Feature-Policy header has been renamed to Permissions-Policy. The Permissions-Policy requires a different implementation and isn’t yet supported by all browsers. To avoid having to rename this middleware in the future we use the new name for the middleware but keep the old header name and implementation for now.

Constant Summary

Class Method Summary

Instance Attribute Summary

Instance Method Summary

Constructor Details

.new {|_self| ... } ⇒ PermissionsPolicy

Yields:

  • (_self)

Yield Parameters:

  • _self (PermissionsPolicy)

    the object that the method was called on

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/permissions_policy.rb', line 113

def initialize
  @directives = {}
  yield self if block_given?
end

Instance Attribute Details

#directives (readonly)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/permissions_policy.rb', line 111

attr_reader :directives

Instance Method Details

#apply_mapping(source) (private)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/permissions_policy.rb', line 150

def apply_mapping(source)
  MAPPINGS.fetch(source) do
    raise ArgumentError, "Unknown HTTP permissions policy source mapping: #{source.inspect}"
  end
end

#apply_mappings(sources) (private)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/permissions_policy.rb', line 137

def apply_mappings(sources)
  sources.map do |source|
    case source
    when Symbol
      apply_mapping(source)
    when String, Proc
      source
    else
      raise ArgumentError, "Invalid HTTP permissions policy source: #{source.inspect}"
    end
  end
end

#build(context = nil)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/permissions_policy.rb', line 132

def build(context = nil)
  build_directives(context).compact.join("; ")
end

#build_directive(sources, context) (private)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/permissions_policy.rb', line 168

def build_directive(sources, context)
  sources.map { |source| resolve_source(source, context) }
end

#build_directives(context) (private)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/permissions_policy.rb', line 156

def build_directives(context)
  @directives.map do |directive, sources|
    if sources.is_a?(Array)
      "#{directive} #{build_directive(sources, context).join(' ')}"
    elsif sources
      directive
    else
      nil
    end
  end
end

#initialize_copy(other)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/permissions_policy.rb', line 118

def initialize_copy(other)
  @directives = other.directives.deep_dup
end

#resolve_source(source, context) (private)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/http/permissions_policy.rb', line 172

def resolve_source(source, context)
  case source
  when String
    source
  when Symbol
    source.to_s
  when Proc
    if context.nil?
      raise RuntimeError, "Missing context for the dynamic permissions policy source: #{source.inspect}"
    else
      context.instance_exec(&source)
    end
  else
    raise RuntimeError, "Unexpected permissions policy source: #{source.inspect}"
  end
end