RubyGems - better_content_security_policy - Versions diffs - 0.1.0 → 0.1.2 - Mend

better_content_security_policy 0.1.0 → 0.1.2

Files changed (7) hide show

checksums.yaml +4 -4
data/Gemfile.lock +4 -1
data/README.md +6 -4
data/lib/better_content_security_policy/content_security_policy.rb +2 -1
data/lib/better_content_security_policy/has_content_security_policy.rb +2 -0
data/lib/better_content_security_policy/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 50e701c2051110a406b0ba73d7773bfd94c74889939e5302be70da1e44f29ed3
-  data.tar.gz: dd67545b3d05169cbbc3fb1dfacd3cf501adf481f12f3706a54c9cdb70106db9
+  metadata.gz: bf8f11b55c77a23844ebd19428e56b42fa1ef3a4636137e7e61ab4bb6cfc5c24
+  data.tar.gz: dea5ebf55a0ec4985aacc0743dfda54fb81c5545cb4e7ae97df97d9d180d9feb
 SHA512:
-  metadata.gz: a6dea4753c4dcc13dd6fa39a19a1b2108cce36641d4379a9471a90ebc92380966f914077322b9c1726974b8e5e73f7e0dde70b726f50ff11d57d49595c1ae55a
-  data.tar.gz: f434678f26584c02569911e2250b739625cf02fd391654cd0f2e2ee1b73d6fd0f6a81df944f4e9f95bbc318821cab61b5b0bdb7e246e8b9b82c6525155fb9edc
+  metadata.gz: ffcb4a396dbe92cc3ab86d1ee3a5903c9032cc2a54abdff127ac1590495519edaebc2f70938cb574b7149617cc473f52cc8693e6b3fbb0136856ac9c0fd7fd40
+  data.tar.gz: 1fe7607741267495f00c7f2077336241abe91ff5eedb740f409ffc8637ea9c324b85270de5e68a2eacaddb675c8e6de13cd4a3c638d64d6fb29c5fd6d1bc7ecf

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    better_content_security_policy (0.1.0)
+    better_content_security_policy (0.1.2)
       rails (>= 5.0.0)
 GEM
@@ -88,6 +88,8 @@ GEM
     nio4r (2.5.8)
     nokogiri (1.12.5-x86_64-darwin)
       racc (~> 1.4)
+    nokogiri (1.12.5-x86_64-linux)
+      racc (~> 1.4)
     parallel (1.22.1)
     parser (3.1.2.1)
       ast (~> 2.4.1)
@@ -172,6 +174,7 @@ GEM
 PLATFORMS
   x86_64-darwin-21
+  x86_64-linux
 DEPENDENCIES
   better_content_security_policy!

data/README.md CHANGED Viewed

@@ -1,7 +1,9 @@
+![Ruby CI builds](https://github.com/DocSpring/better_content_security_policy/actions/workflows/main.yml/badge.svg)
 # Better Content Security Policy
-This gem makes it easy to configure a dynamic `Content-Security-Policy` header for your Rails application.
-You can easily customize the rules in your controllers, and you can also update the rules in your views.
+This gem allows you to configure flexible and dynamic `Content-Security-Policy` headers for your Rails application.
+By default, Rails only allows you to configure one global Content Security Policy for your whole application, in `config/initializers/content_security_policy.rb`. This gem moves the CSP logic into your controllers and views, so you can create multiple unique policies for different controllers, or add new rules for a specific action.
 Read the MDN Web Docs to learn more about Content Security Policies: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
@@ -115,7 +117,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 ## Contributing
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/better_content_security_policy. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/[USERNAME]/better_content_security_policy/blob/main/CODE_OF_CONDUCT.md).
+Bug reports and pull requests are welcome on GitHub at https://github.com/DocSpring/better_content_security_policy. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/DocSpring/better_content_security_policy/blob/main/CODE_OF_CONDUCT.md).
 ## License
@@ -123,4 +125,4 @@ The gem is available as open source under the terms of the [MIT License](https:/
 ## Code of Conduct
-Everyone interacting in the BetterContentSecurityPolicy project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/better_content_security_policy/blob/main/CODE_OF_CONDUCT.md).
+Everyone interacting in the BetterContentSecurityPolicy project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/DocSpring/better_content_security_policy/blob/main/CODE_OF_CONDUCT.md).

data/lib/better_content_security_policy/content_security_policy.rb CHANGED Viewed

@@ -81,7 +81,8 @@ module BetterContentSecurityPolicy
       kebab_source = kebab_case(dsl_source)
       return "'#{kebab_source}'" if QUOTED_SOURCES.include?(kebab_source)
-      return "'#{dsl_source}'" if dsl_source.start_with?("nonce-")
+      return "'#{dsl_source}'" if dsl_source.start_with?("nonce-") ||
+                                  dsl_source.start_with?("sha256-")
       dsl_source
     end

data/lib/better_content_security_policy/has_content_security_policy.rb CHANGED Viewed

@@ -10,6 +10,8 @@ module BetterContentSecurityPolicy
     extend ActiveSupport::Concern
     included do
+      private :set_content_security_policy_header, :content_security_policy
       helper_method :content_security_policy
       before_action :configure_content_security_policy
       after_action :set_content_security_policy_header

data/lib/better_content_security_policy/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module BetterContentSecurityPolicy
-  VERSION = "0.1.0"
+  VERSION = "0.1.2"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: better_content_security_policy
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.2
 platform: ruby
 authors:
 - Nathan Broadbent
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-10-03 00:00:00.000000000 Z
+date: 2022-10-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails