API Guides

module PermissionsPolicy

Ruby on Rails 6.1.7.10

Since v6.1.7.10

Available in: v6.1.7.10 v7.0.10 v7.1.6 v7.2.3 v8.0.4 v8.1.2

HTTP Permissions Policy is a web standard for defining a mechanism to allow and deny the use of browser permissions in its own context, and in content within any <iframe> elements in the document.

Full details of HTTP Permissions Policy specification and guidelines can be found at MDN:

developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy

Examples of usage:

# Global policy
Rails.application.config.permissions_policy do |f|
  f.camera      :none
  f.gyroscope   :none
  f.microphone  :none
  f.usb         :none
  f.fullscreen  :self
  f.payment     :self, "https://secure.example.com"
end

# Controller level policy
class PagesController < ApplicationController
  permissions_policy do |p|
    p.geolocation "https://example.com"
  end
end

Namespace

Modules

Extends

Methods (inherited)

From ActiveSupport::Concern (3)

Type at least 2 characters to search.

↑↓ navigate · open · esc close