aaf-secure_headers 2.0.0 → 3.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/aaf-secure_headers.gemspec +1 -1
- data/lib/aaf/secure_headers.rb +2 -4
- data/lib/aaf/secure_headers/version.rb +1 -1
- metadata +7 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5659bdb1c4c352b79e15eada5a1738e39b17aa28
|
|
4
|
+
data.tar.gz: 28921332daa82fc5cb45f4346033868c27a2b4a0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: efc19a857b3c3350295eb4a3cefbcc9a857ce15a4d214f8ffee7efba929ab1b0a036fdd9e613908a33efc0ce642c343d160550a320959b4bcc6d44453b1214e5
|
|
7
|
+
data.tar.gz: 77cb8302fb26510dfd6fa6237e11d278752ca9026bc14fadf29867b2af787b9c0ee3a94fe3c64c5444bc252840108fac891743e65d71406c3e8dcc5d50216352
|
data/aaf-secure_headers.gemspec
CHANGED
|
@@ -21,7 +21,7 @@ Gem::Specification.new do |spec|
|
|
|
21
21
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
22
22
|
spec.require_paths = ['lib']
|
|
23
23
|
|
|
24
|
-
spec.add_dependency 'secure_headers'
|
|
24
|
+
spec.add_dependency 'secure_headers'
|
|
25
25
|
spec.add_dependency 'activesupport'
|
|
26
26
|
|
|
27
27
|
spec.add_development_dependency 'bundler', '~> 1.12'
|
data/lib/aaf/secure_headers.rb
CHANGED
|
@@ -9,9 +9,7 @@ module AAF
|
|
|
9
9
|
config.cookies = {
|
|
10
10
|
secure: true,
|
|
11
11
|
httponly: true,
|
|
12
|
-
samesite:
|
|
13
|
-
lax: false
|
|
14
|
-
}
|
|
12
|
+
samesite: ::SecureHeaders::OPT_OUT
|
|
15
13
|
}
|
|
16
14
|
|
|
17
15
|
config.hsts = "max-age=#{6.months.to_i}; includeSubdomains; preload"
|
|
@@ -20,7 +18,7 @@ module AAF
|
|
|
20
18
|
config.x_xss_protection = '1; mode=block'
|
|
21
19
|
config.x_download_options = 'noopen'
|
|
22
20
|
config.x_permitted_cross_domain_policies = 'none'
|
|
23
|
-
config.referrer_policy = '
|
|
21
|
+
config.referrer_policy = 'strict-origin'
|
|
24
22
|
|
|
25
23
|
config.csp = {
|
|
26
24
|
preserve_schemes: false,
|
metadata
CHANGED
|
@@ -1,29 +1,29 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aaf-secure_headers
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 3.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ryan Caught
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-03-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: secure_headers
|
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
|
16
16
|
requirements:
|
|
17
|
-
- - "
|
|
17
|
+
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version:
|
|
19
|
+
version: '0'
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
|
-
- - "
|
|
24
|
+
- - ">="
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version:
|
|
26
|
+
version: '0'
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: activesupport
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -133,7 +133,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
133
133
|
version: '0'
|
|
134
134
|
requirements: []
|
|
135
135
|
rubyforge_project:
|
|
136
|
-
rubygems_version: 2.
|
|
136
|
+
rubygems_version: 2.5.2.3
|
|
137
137
|
signing_key:
|
|
138
138
|
specification_version: 4
|
|
139
139
|
summary: Base configuration for AAF Secure Headers
|