File Coverage

blib/lib/Plack/Middleware/XFrameOptions/All.pm

Criterion	Covered	Total	%
statement	10	10	100.0
branch			n/a
condition			n/a
subroutine	4	4	100.0
pod			n/a
total	14	14	100.0

line	stmt	sub	time	code
1				# ABSTRACT: Plack middleware to set X-Frame-Options.
2
3				package Plack::Middleware::XFrameOptions::All;
4				BEGIN {
5	1	1	692	$Plack::Middleware::XFrameOptions::All::VERSION = '0.2';
6				}
7
8	1	1	7	use strict;
	1		2
	1		33
9	1	1	5	use warnings;
	1		2
	1		37
10
11				=head1 NAME
12
13				Plack::Middleware::XFrameOptions::All - Plack middleware to set X-Frame-Options.
14
15				=head1 VERSION
16
17				version 0.2
18
19				=head1 DESCRIPTION
20
21				This module will setup X-Frame-Options header to protect clickjacking issue.
22				This header has been supported by IE8+, Fx 3.6.9+, Google Chrome.
23
24				=head1 SYNOPSIS
25
26				use Plack::Builder;
27				builder {
28				enable 'XFrameOptions::All', policy => 'sameorigin'; // or 'deny'
29				}
30
31				=cut
32
33	1	1	8336	use parent 'Plack::Middleware';
	1		300
	1		6
34
35				use Plack::Util;
36				use Plack::Util::Accessor qw/policy/;
37
38				sub call {
39				my ($self, $env) = @_;
40
41				my $res = $self->app->($env);
42				Plack::Util::response_cb($res, sub {
43				my $res = shift;
44
45				my $h = Plack::Util::headers($res->[1]);
46
47				# Only process text/html.
48				my $ct = $h->get('Content-Type') or return;
49				return unless $ct =~ qr{text/html};
50
51				$h->set('X-Frame-Options', $self->policy);
52				});
53				}
54
55				sub prepare_app {
56				my $self = shift;
57				$self->policy('sameorigin') unless defined $self->policy;
58				}
59
60				=head1 AUTHOR
61
62				Gea-Suan Lin, C<< >>
63
64				=head1 LICENSE AND COPYRIGHT
65
66				Copyright 2011 Gea-Suan Lin.
67
68				This software is released under 3-clause BSD license. See
69				L for more
70				information.
71
72				=cut
73
74				1;