ContentSecurityPolicy.ContentSecurityPolicy - Module

ContentSecurityPolicy.jl is a library for working with Content Security Policy headers.

Content-Security-Policy: default-src 'self'; script-src https://example.com

is the same as:

Content-Security-Policy: connect-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; object-src 'self'; script-src https://example.com; style-src 'self'; worker-src 'self'

Content-Security-Policy @ mdn
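
The default-src fallback shown above, as an added example that is not part of ContentSecurityPolicy.jl and does not call it. The names FALLBACK, parse_csp, expand_default and serialize are hypothetical, and the fallback list is limited to the directives that appear in the expanded header above.

```julia
# Added example: stand-alone Julia, independent of ContentSecurityPolicy.jl.
# Directives that inherit from default-src, taken from the expanded header above.
const FALLBACK = ["connect-src", "font-src", "frame-src", "img-src", "manifest-src",
                  "media-src", "object-src", "script-src", "style-src", "worker-src"]

# Parse a CSP header value into directive name => list of source expressions.
function parse_csp(value::AbstractString)
    policy = Dict{String,Vector{String}}()
    for part in split(value, ';')
        tokens = split(strip(part))          # whitespace split, empty parts dropped
        isempty(tokens) && continue
        name = lowercase(String(tokens[1]))  # directive names are case-insensitive
        # A repeated directive is ignored: only its first occurrence counts.
        haskey(policy, name) && continue
        policy[name] = String[t for t in tokens[2:end]]
    end
    return policy
end

# Replace default-src with the explicit directives it stands in for.
# Directives already set in the policy keep their own source list.
function expand_default(policy::Dict{String,Vector{String}})
    haskey(policy, "default-src") || return copy(policy)
    expanded = filter(p -> first(p) != "default-src", policy)
    for name in FALLBACK
        get!(expanded, name, copy(policy["default-src"]))
    end
    return expanded
end

# Serialize with directives in alphabetical order; a directive without
# sources is written as its bare name.
function serialize(policy::Dict{String,Vector{String}})
    parts = String[]
    for name in sort(collect(keys(policy)))
        sources = policy[name]
        push!(parts, isempty(sources) ? name : name * " " * join(sources, " "))
    end
    return join(parts, "; ")
end

# Constructed input: the short policy from the example above.
header = "default-src 'self'; script-src https://example.com"
println("Content-Security-Policy: ", serialize(expand_default(parse_csp(header))))
```

Comparing the expanded form of two policies is a quick way to confirm that a directive you expected to inherit 'self' has not been overridden by a broader explicit value.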

ContentSecurityPolicy.DirectiveTypes - Type
const DirectiveTypes
  • Nothing: Directive will be absent from policy
  • Empty Tuple or Set: Absent from header or only key is added to header
  • True: only key is added to policy header
ContentSecurityPolicy.http - Method
http(::Policy; except, kwargs...)::OrderedDict

Build a Dict with keys matching CSP directive names, as used in HTTP requests.

Automatically ignores properties for which values are empty, false or nothing.

Dict values are the string representation of their value in the policy instance

ContentSecurityPolicy.nonce! - Method
function nonce!(policy, directive::String)

Creates a nonce, applies it to policy[directive] and returns the nonce.