Clean up docs a bit

mbramson · Nov 4, 2019 · 9792cc1 · 9792cc1
1 parent 5641623
commit 9792cc1
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 1 deletion.
diff --git a/docs/Getting Started.md b/docs/Getting Started.md
@@ -78,7 +78,7 @@ following plug to our Router (in the appropriate pipeline or place, of course).
 
 ```elixir
 plug ContentSecurityPolicy.Plug.Setup(
- %ContentSecurityPolicy.Policy{
+ default_policy: %ContentSecurityPolicy.Policy{
  default_src: ["https:", "'self'"],
  img_src: ["https://imgur.com"]
  }

diff --git a/lib/content_security_policy/plug/setup.ex b/lib/content_security_policy/plug/setup.ex
@@ -6,6 +6,27 @@ defmodule ContentSecurityPolicy.Plug.Setup do
  This `Plug` registers a `before_send` action that serializes the
  `ContentSecurityPolicy.Policy` struct and inserts the result into the
  `"content-security-policy"` header of the response.
+
+ ## Example Usage
+ 
+ In a controller or router: 
+
+ plug ContentSecurityPolicy.Plug.Setup(
+ default_policy: %ContentSecurityPolicy.Policy{
+ default_src: ["https:", "'self'"],
+ img_src: ["*.imgur.com"]
+ }
+ )
+
+
+ The above plug sets the content security policy struct to whatever is passed
+ in. This is assigned to `conn.private.content_security_policy`.
+
+ Before the response is sent, this policy will be serialized into a content
+ security policy that the browser understands.
+
+ In the case of the above, the following response header will be sent:
+ `content-security-policy: default-src https: 'self'; img-src *.imgur.com`
  """
 
  import Plug.Conn