ContentSecurityPolicy v1.0.3 ContentSecurityPolicy.Plug.AddSourceValue View Source
Plug which adds a source value to the given directive.
This plug must be run after the ContentSecurityPolicy.Setup
plug, or it
will raise an exception.
Example Usage
In a controller or router:
plug ContentSecurityPolicy.Setup
plug ContentSecurityPolicy.AddSourceValue,
script_src: "https://google.com"
When the response is sent to the browser, the "content-security-policy"
response header will contain "script-src https://google.com"
directive.
Multiple directives and source values can be provided in the same call.
plug ContentSecurityPolicy.AddSourceValue,
script_src: "'self'",
script_src: "https://google.com"
When the response is sent to the browser, the "content-security-policy"
response header will contain "script-src 'self' https://google.com"
directive.
The ContentSecurityPolicy.Plug.AddSourceValue
plug is additive. It will
never replace or remove old source values associated with a directive.