ContentSecurityPolicy v1.0.3 ContentSecurityPolicy View Source
Provides functions for interacting with Content Security Policies.
A Content Security Policy is a header which determines which assets the browser is allowed to retrieve.
See https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP for more in depth documentation.
Link to this section Summary
Functions
Adds a single source value to a directive on the given policy.
Generates a random base 64 encoded string for use in Content Security Policy nonces.
Converts a ContentSecurityPolicy.Policy
struct to a valid content security
policy string.
Link to this section Functions
Link to this function
add_source_value(policy, directive, source_value)
View Sourceadd_source_value( ContentSecurityPolicy.Policy.t(), ContentSecurityPolicy.Directive.valid_directive(), String.t() ) :: ContentSecurityPolicy.Policy.t()
Adds a single source value to a directive on the given policy.
Link to this function
generate_nonce(bytes \\ 32)
View Sourcegenerate_nonce(bytes :: pos_integer()) :: String.t()
Generates a random base 64 encoded string for use in Content Security Policy nonces.
Converts a ContentSecurityPolicy.Policy
struct to a valid content security
policy string.
Examples
iex> policy = %ContentSecurityPolicy.Policy{default_src: ["'self'"]}
iex> ContentSecurityPolicy.serialize(policy)
"default-src 'self';"