diff options
Diffstat (limited to 'src/lib/CSP.js')
-rw-r--r-- | src/lib/CSP.js | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/src/lib/CSP.js b/src/lib/CSP.js new file mode 100644 index 0000000..79590bc --- /dev/null +++ b/src/lib/CSP.js @@ -0,0 +1,23 @@ +"use strict"; + +class CSP { + + build(...directives) { + return directives.join(';'); + } + + buildBlocker(...types) { + return this.build(...(types.map(type => `${type.name || type}-src ${type.value || "'none'"}`))); + } + + blocks(header, type) { + return `;${header};`.includes(`;${type}-src 'none';`) + } + + asHeader(value) { + return {name: CSP.headerName, value}; + } +} + +CSP.isEmbedType = type => /\b(?:application|video|audio)\b/.test(type); +CSP.headerName = "content-security-policy"; |