Method: ActionController::ContentSecurityPolicy::ClassMethods#content_security_policy_report_only

Defined in:
actionpack/lib/action_controller/metal/content_security_policy.rb

#content_security_policy_report_only(report_only = true, **options) ⇒ Object

Overrides the globally configured ‘Content-Security-Policy-Report-Only` header:

class PostsController < ApplicationController
  content_security_policy_report_only only: :index
end

Pass ‘false` to remove the `Content-Security-Policy-Report-Only` header:

class PostsController < ApplicationController
  content_security_policy_report_only false, only: :index
end


66
67
68
69
70
# File 'actionpack/lib/action_controller/metal/content_security_policy.rb', line 66

def content_security_policy_report_only(report_only = true, **options)
  before_action(options) do
    request.content_security_policy_report_only = report_only
  end
end