Class: AWSCDK::CloudFront::ResponseSecurityHeadersBehavior
- Inherits:
-
Jsii::Struct
- Object
- Jsii::Struct
- AWSCDK::CloudFront::ResponseSecurityHeadersBehavior
- Defined in:
- cloud_front/response_security_headers_behavior.rb
Overview
Configuration for a set of security-related HTTP response headers.
CloudFront adds these headers to HTTP responses that it sends for requests that match a cache behavior associated with this response headers policy.
Instance Attribute Summary collapse
-
#content_security_policy ⇒ AWSCDK::CloudFront::ResponseHeadersContentSecurityPolicy?
readonly
The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
-
#content_type_options ⇒ AWSCDK::CloudFront::ResponseHeadersContentTypeOptions?
readonly
Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff.
-
#frame_options ⇒ AWSCDK::CloudFront::ResponseHeadersFrameOptions?
readonly
Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value.
-
#referrer_policy ⇒ AWSCDK::CloudFront::ResponseHeadersReferrerPolicy?
readonly
Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value.
-
#strict_transport_security ⇒ AWSCDK::CloudFront::ResponseHeadersStrictTransportSecurity?
readonly
Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value.
-
#xss_protection ⇒ AWSCDK::CloudFront::ResponseHeadersXSSProtection?
readonly
Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value.
Class Method Summary collapse
Instance Method Summary collapse
-
#initialize(content_security_policy: nil, content_type_options: nil, frame_options: nil, referrer_policy: nil, strict_transport_security: nil, xss_protection: nil) ⇒ ResponseSecurityHeadersBehavior
constructor
A new instance of ResponseSecurityHeadersBehavior.
- #to_jsii ⇒ Object
Constructor Details
#initialize(content_security_policy: nil, content_type_options: nil, frame_options: nil, referrer_policy: nil, strict_transport_security: nil, xss_protection: nil) ⇒ ResponseSecurityHeadersBehavior
Returns a new instance of ResponseSecurityHeadersBehavior.
16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
# File 'cloud_front/response_security_headers_behavior.rb', line 16 def initialize(content_security_policy: nil, content_type_options: nil, frame_options: nil, referrer_policy: nil, strict_transport_security: nil, xss_protection: nil) @content_security_policy = content_security_policy.is_a?(Hash) ? ::AWSCDK::CloudFront::ResponseHeadersContentSecurityPolicy.new(**content_security_policy.transform_keys(&:to_sym)) : content_security_policy Jsii::Type.check_type(@content_security_policy, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfY2xvdWRmcm9udC5SZXNwb25zZUhlYWRlcnNDb250ZW50U2VjdXJpdHlQb2xpY3kifQ==")), "contentSecurityPolicy") unless @content_security_policy.nil? @content_type_options = .is_a?(Hash) ? ::AWSCDK::CloudFront::ResponseHeadersContentTypeOptions.new(**.transform_keys(&:to_sym)) : Jsii::Type.check_type(@content_type_options, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfY2xvdWRmcm9udC5SZXNwb25zZUhlYWRlcnNDb250ZW50VHlwZU9wdGlvbnMifQ==")), "contentTypeOptions") unless @content_type_options.nil? @frame_options = .is_a?(Hash) ? ::AWSCDK::CloudFront::ResponseHeadersFrameOptions.new(**.transform_keys(&:to_sym)) : Jsii::Type.check_type(@frame_options, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfY2xvdWRmcm9udC5SZXNwb25zZUhlYWRlcnNGcmFtZU9wdGlvbnMifQ==")), "frameOptions") unless @frame_options.nil? @referrer_policy = referrer_policy.is_a?(Hash) ? ::AWSCDK::CloudFront::ResponseHeadersReferrerPolicy.new(**referrer_policy.transform_keys(&:to_sym)) : referrer_policy Jsii::Type.check_type(@referrer_policy, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfY2xvdWRmcm9udC5SZXNwb25zZUhlYWRlcnNSZWZlcnJlclBvbGljeSJ9")), "referrerPolicy") unless @referrer_policy.nil? @strict_transport_security = strict_transport_security.is_a?(Hash) ? ::AWSCDK::CloudFront::ResponseHeadersStrictTransportSecurity.new(**strict_transport_security.transform_keys(&:to_sym)) : strict_transport_security Jsii::Type.check_type(@strict_transport_security, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfY2xvdWRmcm9udC5SZXNwb25zZUhlYWRlcnNTdHJpY3RUcmFuc3BvcnRTZWN1cml0eSJ9")), "strictTransportSecurity") unless @strict_transport_security.nil? @xss_protection = xss_protection.is_a?(Hash) ? ::AWSCDK::CloudFront::ResponseHeadersXSSProtection.new(**xss_protection.transform_keys(&:to_sym)) : xss_protection Jsii::Type.check_type(@xss_protection, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfY2xvdWRmcm9udC5SZXNwb25zZUhlYWRlcnNYU1NQcm90ZWN0aW9uIn0=")), "xssProtection") unless @xss_protection.nil? end |
Instance Attribute Details
#content_security_policy ⇒ AWSCDK::CloudFront::ResponseHeadersContentSecurityPolicy? (readonly)
Default: - no content security policy
The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
35 36 37 |
# File 'cloud_front/response_security_headers_behavior.rb', line 35 def content_security_policy @content_security_policy end |
#content_type_options ⇒ AWSCDK::CloudFront::ResponseHeadersContentTypeOptions? (readonly)
Default: - no content type options
Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff.
40 41 42 |
# File 'cloud_front/response_security_headers_behavior.rb', line 40 def @content_type_options end |
#frame_options ⇒ AWSCDK::CloudFront::ResponseHeadersFrameOptions? (readonly)
Default: - no frame options
Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value.
45 46 47 |
# File 'cloud_front/response_security_headers_behavior.rb', line 45 def @frame_options end |
#referrer_policy ⇒ AWSCDK::CloudFront::ResponseHeadersReferrerPolicy? (readonly)
Default: - no referrer policy
Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value.
50 51 52 |
# File 'cloud_front/response_security_headers_behavior.rb', line 50 def referrer_policy @referrer_policy end |
#strict_transport_security ⇒ AWSCDK::CloudFront::ResponseHeadersStrictTransportSecurity? (readonly)
Default: - no strict transport security
Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value.
55 56 57 |
# File 'cloud_front/response_security_headers_behavior.rb', line 55 def strict_transport_security @strict_transport_security end |
#xss_protection ⇒ AWSCDK::CloudFront::ResponseHeadersXSSProtection? (readonly)
Default: - no xss protection
Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value.
60 61 62 |
# File 'cloud_front/response_security_headers_behavior.rb', line 60 def xss_protection @xss_protection end |
Class Method Details
.jsii_properties ⇒ Object
62 63 64 65 66 67 68 69 70 71 |
# File 'cloud_front/response_security_headers_behavior.rb', line 62 def self.jsii_properties { :content_security_policy => "contentSecurityPolicy", :content_type_options => "contentTypeOptions", :frame_options => "frameOptions", :referrer_policy => "referrerPolicy", :strict_transport_security => "strictTransportSecurity", :xss_protection => "xssProtection", } end |
Instance Method Details
#to_jsii ⇒ Object
73 74 75 76 77 78 79 80 81 82 83 84 |
# File 'cloud_front/response_security_headers_behavior.rb', line 73 def to_jsii result = {} result.merge!({ "contentSecurityPolicy" => @content_security_policy, "contentTypeOptions" => @content_type_options, "frameOptions" => @frame_options, "referrerPolicy" => @referrer_policy, "strictTransportSecurity" => @strict_transport_security, "xssProtection" => @xss_protection, }) result.compact end |