docs for XSSHeader

2011-05-24 11:09:15 +02:00 · 2011-05-24 11:09:15 +02:00 · defd82d025
parent 50f25adadb
commit defd82d025
1 changed files with 8 additions and 0 deletions
--- a/rack-protection/lib/rack/protection/xss_header.rb
+++ b/rack-protection/lib/rack/protection/xss_header.rb
@ -2,6 +2,14 @@ require 'rack/protection'

 module Rack
  module Protection
+    ##
+    # Sets X-XSS-Protection header to tell the browser to block attacks.
+    #
+    # Prevented attack::   Non-permanent XSS
+    # Supported browsers:: Internet Explorer >= 8
+    #
+    # Options:
+    # xss_mode:: How the browser should prevent the attack (default: `:block`)
    class XSSHeader < Base
      default_options :xss_mode => :block