Slide 63
Slide 63 text
class CSP
def initialize(app, options={})
@app = app
end
def call(env)
status, headers, body = @app.call(env)
response = Rack::Response.new body, status, headers
response['Content-Security-Policy'] = "script-src 'self'"
response.finish
end
end