You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
# config/ruleset/stripe/js.rb# Ruleset for Stripe's JS library.rulesetdoconnect_src'https://api.stripe.com'frame_src'https://js.stripe.com','https://hooks.stripe.com'script_src'https://js.stripe.com'other_src'https://example.com'# A common problem is that some rules are environment-specific.group:developmentdoother_src'https://example2.com'endend
Remaining questions I have around this are:
What if an entire ruleset should only load in development?
What about lambda conditions for groups?
In order to implement this, we'll need to support the same declaration being fired multiple times as compounding on the same rule, so:
other_src'https://example.com'# A common problem is that some rules are environment-specific.group:developmentdoother_src'https://example2.com'end
When writing up this feature request for Rails, I realized what the ruleset DSL could look like:
Remaining questions I have around this are:
In order to implement this, we'll need to support the same declaration being fired multiple times as compounding on the same rule, so:
would result in:
The text was updated successfully, but these errors were encountered: