Module: Async::Background::Web::Response

Defined in:
lib/async/background/web/response.rb

Constant Summary

# Content-type header values. Each one pins charset=utf-8 explicitly.
JSON_TYPE = 'application/json; charset=utf-8'
HTML_TYPE = 'text/html; charset=utf-8'
TEXT_TYPE = 'text/plain; charset=utf-8'
JAVASCRIPT_TYPE = 'application/javascript; charset=utf-8'
CSS_TYPE = 'text/css; charset=utf-8'

# Cache-control values.
# NO_STORE tells every cache not to keep the response at all.
NO_STORE = 'no-store'
# ASSET_CACHE lets browsers and shared caches keep a response for one year
# (31536000 s) without revalidating it.
ASSET_CACHE = 'public, max-age=31536000, immutable'

# Baseline hardening headers:
# - nosniff stops browsers from second-guessing the declared content type,
# - no-referrer keeps URLs served here out of outgoing Referer headers,
# - same-origin CORP blocks cross-origin no-cors loads of the resource.
# The hash is frozen; builders must #merge it rather than mutate it.
BASE_SECURITY_HEADERS = {
  'x-content-type-options' => 'nosniff',
  'referrer-policy' => 'no-referrer',
  'cross-origin-resource-policy' => 'same-origin'
}.freeze

# Baseline headers plus framing protection and a deny-by-default CSP for HTML.
# The policy starts from default-src 'none' and re-allows same-origin scripts,
# styles, images (plus data: URIs) and connections only. There is no
# 'unsafe-inline' source, so inline <script>/<style> content is not permitted
# by this policy. Framing is refused twice over (x-frame-options and
# frame-ancestors), and <base> tags and form submissions are disabled.
HTML_SECURITY_HEADERS = BASE_SECURITY_HEADERS.merge(
  'x-frame-options' => 'DENY',
  'content-security-policy' =>
    "default-src 'none'; " \
    "script-src 'self'; " \
    "style-src 'self'; " \
    "img-src 'self' data:; " \
    "connect-src 'self'; " \
    "frame-ancestors 'none'; " \
    "base-uri 'none'; " \
    "form-action 'none'"
).freeze

# Pre-serialized, frozen JSON error bodies. Each carries only a fixed error
# code, so nothing request- or exception-specific can end up in them.
UNAUTHORIZED_BODY = JSON.generate({ error: 'unauthorized' }).freeze
NOT_FOUND_BODY = JSON.generate({ error: 'not_found' }).freeze
BAD_REQUEST_BODY = JSON.generate({ error: 'invalid_request' }).freeze
UNAVAILABLE_BODY = JSON.generate({ error: 'service_unavailable' }).freeze
INTERNAL_ERROR_BODY = JSON.generate({ error: 'internal_error' }).freeze

# Content type for server-sent event streams.
EVENT_STREAM_TYPE = 'text/event-stream; charset=utf-8'

Class Method Summary

Class Method Details

.asset_headers(content_type) ⇒ Object



# File 'lib/async/background/web/response.rb', line 93

# Builds the header set for a long-lived static asset.
#
# The caller's content type is paired with ASSET_CACHE, and
# BASE_SECURITY_HEADERS is merged in last, so a colliding key would take the
# security header's value. A new Hash is returned on every call.
#
# NOTE(review): ASSET_CACHE is 'public, max-age=31536000, immutable', so any
# cache may keep the body for a year without revalidating. That is only safe
# when asset URLs change with their content and the assets hold nothing
# access-controlled. Confirm against the routes that call this.
#
# @param content_type [String] value for the content-type header
# @return [Hash{String => String}] response headers
def asset_headers(content_type)
  cacheable = { 'content-type' => content_type, 'cache-control' => ASSET_CACHE }
  cacheable.merge(BASE_SECURITY_HEADERS)
end

.bad_request(message = nil) ⇒ Object



# File 'lib/async/background/web/response.rb', line 72

# Builds a 400 response with a JSON error body.
#
# With no message (nil) the pre-serialized BAD_REQUEST_BODY is reused;
# otherwise the message is added under the "message" key. The value goes
# through JSON.generate, so quotes and control characters are JSON-escaped,
# and the response is typed as JSON_TYPE.
#
# NOTE(review): the message is returned to the client as given. Callers should
# pass fixed validation text rather than exception messages or other internal
# detail. Confirm at the call sites.
#
# @param message [Object, nil] optional detail; only nil selects the fixed body
# @return [Array(Integer, Hash, Array<String>)] status, headers, body
def bad_request(message = nil)
  payload =
    if message.nil?
      BAD_REQUEST_BODY
    else
      JSON.generate({ error: 'invalid_request', message: message })
    end
  [400, no_store_headers(JSON_TYPE), [payload]]
end

.html(body) ⇒ Object



# File 'lib/async/background/web/response.rb', line 52

# Wraps an HTML document in a 200 response using html_headers.
#
# The body is placed in the response unchanged: nothing here escapes or
# sanitizes it, so any interpolated data must already be HTML-escaped by the
# caller.
#
# @param body [String] complete HTML document
# @return [Array(Integer, Hash, Array<String>)] status, headers, body
def html(body)
  status = 200
  [status, html_headers, [body]]
end

.html_headers ⇒ Object



# File 'lib/async/background/web/response.rb', line 89

# Builds the header set for an HTML page.
#
# The page is typed as HTML_TYPE and marked NO_STORE. HTML_SECURITY_HEADERS is
# merged in last, so a colliding key would take the security header's value.
# A new Hash is returned on every call.
#
# @return [Hash{String => String}] response headers
def html_headers
  page = { 'content-type' => HTML_TYPE, 'cache-control' => NO_STORE }
  page.merge(HTML_SECURITY_HEADERS)
end

.internal_error ⇒ Object



# File 'lib/async/background/web/response.rb', line 81

# Builds a 500 response with the fixed INTERNAL_ERROR_BODY.
#
# The method takes no arguments, so no exception message or backtrace can
# reach the client through it. Diagnostics have to be logged by the caller.
#
# @return [Array(Integer, Hash, Array<String>)] status, headers, body
def internal_error
  headers = no_store_headers(JSON_TYPE)
  [500, headers, [INTERNAL_ERROR_BODY]]
end

.javascript(body) ⇒ Object



# File 'lib/async/background/web/response.rb', line 56

# Wraps a JavaScript source string in a 200 response.
#
# Headers come from asset_headers(JAVASCRIPT_TYPE). The body is passed through
# unchanged.
#
# @param body [String] JavaScript source
# @return [Array(Integer, Hash, Array<String>)] status, headers, body
def javascript(body)
  headers = asset_headers(JAVASCRIPT_TYPE)
  [200, headers, [body]]
end

.json(payload, status: 200) ⇒ Object



# File 'lib/async/background/web/response.rb', line 48

# Serializes a payload to JSON and wraps it in a response.
#
# Headers come from no_store_headers(JSON_TYPE). The status is used as given
# and is not validated here.
#
# @param payload [Object] anything JSON.generate accepts
# @param status [Integer] HTTP status code (default 200)
# @return [Array(Integer, Hash, Array<String>)] status, headers, body
def json(payload, status: 200)
  headers = no_store_headers(JSON_TYPE)
  encoded = JSON.generate(payload)
  [status, headers, [encoded]]
end

.no_store_headers(content_type) ⇒ Object



# File 'lib/async/background/web/response.rb', line 85

# Builds the header set for a response that must not be cached.
#
# The caller's content type is paired with NO_STORE, and
# BASE_SECURITY_HEADERS is merged in last, so a colliding key would take the
# security header's value. A new Hash is returned on every call.
#
# @param content_type [String] value for the content-type header
# @return [Hash{String => String}] response headers
def no_store_headers(content_type)
  uncached = { 'content-type' => content_type, 'cache-control' => NO_STORE }
  uncached.merge(BASE_SECURITY_HEADERS)
end

.not_found ⇒ Object



# File 'lib/async/background/web/response.rb', line 68

# Builds a 404 response with the fixed NOT_FOUND_BODY.
#
# The body never echoes the requested path or any other request data.
#
# @return [Array(Integer, Hash, Array<String>)] status, headers, body
def not_found
  headers = no_store_headers(JSON_TYPE)
  [404, headers, [NOT_FOUND_BODY]]
end

.sse(body) ⇒ Object



# File 'lib/async/background/web/response.rb', line 44

# Wraps a server-sent-events body in a 200 response using sse_headers.
#
# Unlike the other builders here, the body is returned as given and is not
# wrapped in an Array.
# NOTE(review): presumably the body is a streaming object the server iterates
# or calls. Confirm against the caller.
#
# @param body [Object] response body, passed through unchanged
# @return [Array(Integer, Hash, Object)] status, headers, body
def sse(body)
  status = 200
  [status, sse_headers, body]
end

.sse_headers ⇒ Object



# File 'lib/async/background/web/response.rb', line 97

# Builds the header set for a server-sent-events stream.
#
# 'no-transform' asks intermediaries not to alter the stream, and
# 'x-accel-buffering: no' asks an nginx-style reverse proxy not to buffer it.
# BASE_SECURITY_HEADERS is merged in last, so a colliding key would take the
# security header's value.
#
# NOTE(review): cache-control here is 'no-cache', not the NO_STORE value the
# JSON and HTML builders use. 'no-cache' requires revalidation but does not
# forbid storing the response. Confirm that is intended if events carry
# sensitive data.
#
# @return [Hash{String => String}] response headers
def sse_headers
  streaming = {
    'content-type' => EVENT_STREAM_TYPE,
    'cache-control' => 'no-cache, no-transform',
    'x-accel-buffering' => 'no'
  }
  streaming.merge(BASE_SECURITY_HEADERS)
end

.stylesheet(body) ⇒ Object



# File 'lib/async/background/web/response.rb', line 60

# Wraps a CSS source string in a 200 response.
#
# Headers come from asset_headers(CSS_TYPE). The body is passed through
# unchanged.
#
# @param body [String] CSS source
# @return [Array(Integer, Hash, Array<String>)] status, headers, body
def stylesheet(body)
  headers = asset_headers(CSS_TYPE)
  [200, headers, [body]]
end

.unauthorized ⇒ Object



# File 'lib/async/background/web/response.rb', line 64

# Builds a 401 response with the fixed UNAUTHORIZED_BODY.
#
# The body is the same for every failure, so it does not reveal why
# authentication failed.
#
# NOTE(review): the headers are exactly what no_store_headers returns, so no
# www-authenticate challenge is sent with this 401. Confirm that clients of
# this endpoint do not rely on one.
#
# @return [Array(Integer, Hash, Array<String>)] status, headers, body
def unauthorized
  headers = no_store_headers(JSON_TYPE)
  [401, headers, [UNAUTHORIZED_BODY]]
end

.unavailable ⇒ Object



# File 'lib/async/background/web/response.rb', line 77

# Builds a 503 response with the fixed UNAVAILABLE_BODY.
#
# The headers are exactly what no_store_headers returns, so no retry-after
# hint is included.
#
# @return [Array(Integer, Hash, Array<String>)] status, headers, body
def unavailable
  headers = no_store_headers(JSON_TYPE)
  [503, headers, [UNAVAILABLE_BODY]]
end