class Kemal::Shield::XPermittedCrossDomainPolicies

Overview

Kemal::Shield::XPermittedCrossDomainPolicies is a handler that sets the X-Permitted-Cross-Domain-Policies HTTP header.

X-Permitted-Cross-Domain-Policies specifies your domain's policies for loading cross-domain content.

This handler sets the X-Permitted-Cross-Domain-Policies header to "none" by default.

Valid options for this header:

"none"
"master-only"
"by-content-type"
"all"

The X-Permitted-Cross-Domain-Polices header can be updated by changing the value of:

Kemal::Shield.config.x_permitted_cross_domain_policies

This handler can be turned off by setting

Kemal::Shield.config.x_permitted_cross_domain_policies_on = false

Defined in:

kemal-shield/handlers/x_permitted_cross_domain_policies.cr

Constructors

Instance Method Summary

Constructor Detail

def self.new(policy : String = "none") #

[View source]

Instance Method Detail

def call(context) #

[View source]
def valid_policy?(policy : String) #

[View source]