class ActionDispatch::PermissionsPolicy::Middleware
def call(env)
def call(env) request = ActionDispatch::Request.new(env) _, headers, _ = response = @app.call(env) return response unless html_response?(headers) return response if policy_present?(headers) if policy = request.permissions_policy headers[POLICY] = policy.build(request.controller_instance) end if policy_empty?(policy) headers.delete(POLICY) end response end
def html_response?(headers)
def html_response?(headers) if content_type = headers[CONTENT_TYPE] /html/.match?(content_type) end end
def initialize(app)
def initialize(app) @app = app end
def policy_empty?(policy)
def policy_empty?(policy) policy&.directives&.empty? end
def policy_present?(headers)
def policy_present?(headers) headers[POLICY] end