Skip to content

docs: add more Rack::Protection usage examples#2158

Open
wwenrr wants to merge 1 commit intosinatra:mainfrom
wwenrr:docs/1154-rack-protection-more-examples
Open

docs: add more Rack::Protection usage examples#2158
wwenrr wants to merge 1 commit intosinatra:mainfrom
wwenrr:docs/1154-rack-protection-more-examples

Conversation

@wwenrr
Copy link
Copy Markdown

@wwenrr wwenrr commented Apr 1, 2026

Summary

Adds a new "More examples" section to rack-protection/README.md to address the long-standing request in #1154.

What this PR adds

Practical config.ru examples for common setups:

  1. Rack::Protection::HostAuthorization with permitted_hosts
  2. Rack::Protection::StrictTransport enabled only in production
  3. Rack::Protection::ContentSecurityPolicy with custom directives
  4. Rack::Protection with multiple middlewares excluded via except:

Why

Issue #1154 asks for more documentation examples. The existing README explains what protections exist, but has limited configuration examples for real app setups.

This PR keeps the docs concise while giving copy-paste friendly snippets for frequently requested configurations.

Scope

  • Docs only (rack-protection/README.md)
  • No behavior/runtime changes
  • No API changes

Validation

  • Confirmed option names in examples match implementation:
    • HostAuthorization uses permitted_hosts
    • StrictTransport uses max_age / include_subdomains
    • ContentSecurityPolicy accepts directive options like default_src, script_src
  • Reviewed markdown rendering and section flow under existing Usage docs.

Closes #1154

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Rack::Protection more examples in docs

1 participant

@wwenrr