Bridgetown Content Security Policy
A Bridgetown plugin to include a Content Security Policy as a meta tag on all your pages.
Installation
Run this command to install this plugin:
$ bundle exec bridgetown apply https://github.com/ayushn21/bridgetown-content-security-policy
Usage
The plugin allows you to define one or more Content Security Policies using a convenient Ruby DSL.
The installation should create a content_security_policy.config.rb
file in your project's config
directory. More info about the DSL is contained in the file.
You can define a specific CSP for pages by setting content_security_policy:
in your frontmatter; and then defining the relevent CSP in content_security_policy.config.rb
.
All page specific CSPs will inherit from the default
CSP.
Including the CSP on your web pages
You'll need to add a content_security_policy
tag to your layout file(s) to include the CSP meta tag in all your pages. This plugin supports Liquid, ERB and other Tilt based templating languages like HAML or Slim.
-
Liquid templates:
{% content_security_policy %}
-
ERB:
<%= content_security_policy %>
Add the appropriate CSP tag in the head
tag of your layout file to include the CSP on all your pages.
Testing
- Run
bundle exec rake test
to run the test suite - Or run
script/cibuild
to validate with Rubocop and run tests together.
Contributing
- Fork it (https://github.com/ayushn21/bridgetown-content-security-policy/fork)
- Clone the fork using
git clone
to your local development machine. - Create your feature branch (
git checkout -b my-new-feature
) - Commit your changes (
git commit -am 'Add some feature'
) - Push to the branch (
git push origin my-new-feature
) - Create a new Pull Request
License
Bridgetown Content Security Policy is released under the MIT License.
Copyright © 2021 Ayush Newatia