Public: generate an X-Xss-Protection header.
Returns a default header if no configuration is provided, or a header name and value based on the config.
# File lib/secure_headers/headers/x_xss_protection.rb, line 15 def make_header(config = nil) [HEADER_NAME, config || DEFAULT_VALUE] end
# File lib/secure_headers/headers/x_xss_protection.rb, line 19 def validate_config!(config) return if config.nil? || config == OPT_OUT raise TypeError.new("Must be a string. Found #{config.class}: #{config}") unless config.is_a?(String) raise XXssProtectionConfigError.new("Invalid format (see VALID_X_XSS_HEADER)") unless config.to_s =~ VALID_X_XSS_HEADER end