bridgetown-content-security-policy 1.0.0 → 1.2.0
- checksums.yaml +4 -4
- data/.github/workflows/tests.yml +32 -0
- data/.gitignore +2 -0
- data/CHANGELOG.md +20 -0
- data/Gemfile +5 -2
- data/README.md +10 -1
- data/bridgetown-content-security-policy.gemspec +5 -5
- data/bridgetown.automation.rb +1 -4
- data/lib/bridgetown-content-security-policy/builder.rb +2 -2
- data/lib/bridgetown-content-security-policy/version.rb +1 -1
- metadata +23 -22
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3f75a1bfbb00c754a13f87bc07d494e8fd5a73bc18ff032124407ba6c2d410ce
|
4
|
+
data.tar.gz: 824961a6500068aa87074b8cf9bab87d2baf6732ece45f950069aa5b19422b65
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1fd88f9d078a63758bbe6d326af1d934b365160d64a29520f217595082d6f2b303fac4751cf3aa91def8e157c1af6bd3084173fc4cbd180b19ede8ac83970d7f
|
7
|
+
data.tar.gz: 9834a964cfc7f603010970637b0f399450d76e256abc0a46e71c43d94bc3eafda6135cc84069907fd08847b5ac2447275a634a67512fcd25b81a702adfd70a20
|
@@ -0,0 +1,32 @@
|
|
1
|
+
name: Tests
|
2
|
+
|
3
|
+
on:
|
4
|
+
pull_request:
|
5
|
+
branches:
|
6
|
+
- "*"
|
7
|
+
push:
|
8
|
+
branches:
|
9
|
+
- main
|
10
|
+
|
11
|
+
jobs:
|
12
|
+
build:
|
13
|
+
runs-on: ubuntu-latest
|
14
|
+
strategy:
|
15
|
+
matrix:
|
16
|
+
ruby_version: [2.7.7, 3.0.5, 3.1.3, 3.2.0]
|
17
|
+
bridgetown_version: [1.0.0, 1.1.0]
|
18
|
+
continue-on-error: ${{ endsWith(matrix.ruby, 'head') || matrix.ruby == 'debug' }}
|
19
|
+
# Has to be top level to cache properly
|
20
|
+
env:
|
21
|
+
BUNDLE_JOBS: 3
|
22
|
+
BUNDLE_PATH: "vendor/bundle"
|
23
|
+
BRIDGETOWN_VERSION: ${{ matrix.bridgetown_version }}
|
24
|
+
steps:
|
25
|
+
- uses: actions/checkout@master
|
26
|
+
- name: Setup Ruby
|
27
|
+
uses: ruby/setup-ruby@v1
|
28
|
+
with:
|
29
|
+
ruby-version: ${{ matrix.ruby_version }}
|
30
|
+
bundler-cache: true
|
31
|
+
- name: Test with Rake
|
32
|
+
run: script/cibuild
|
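Review bot: The checkout step `- uses: actions/checkout@master` follows a mutable branch, so any commit pushed there runs in this repository's CI with the job's token. Pin it to a full commit SHA with the release noted in a comment, e.g. `- uses: actions/checkout@<full-commit-sha> # <release tag>`. The workflow also has no `permissions:` block, so the job receives the repository's default token scope; a test-only job needs no more than a top-level `permissions:` with `contents: read`. Separately, `continue-on-error` reads `matrix.ruby`, but the matrix keys defined here are `ruby_version` and `bridgetown_version`, so the expression appears never to be true as written.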
data/.gitignore
CHANGED
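--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,5 +1,25 @@
 # main
 
+# 1.2.0 / 23-01-2023
+
+* Require Bridgetown 1.0 or newer.
+* Require Ruby 2.7 or newer.
+* Remove BrowserSync permission as Bridgetown no longer uses it.
+
+# 1.1.0 / 08-06-2021
+
+* Change location of CSP config file to `config/`.
+* Fix issue where escaped HTML was output in ERB templates.
+
+# 1.0.0 / 19-01-2021
+
+* Permit browsersync in development in the default policy
+* Add helper for tilt based templates
+
+# 0.1.1 / 13-01-2021
+
+* Fix syntax
+
 # 0.1.0 / 13-01-2021
 
 * First version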
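--- a/data/Gemfile
+++ b/data/Gemfile
@@ -5,10 +5,13 @@ gemspec
 
 gem "bridgetown", ENV["BRIDGETOWN_VERSION"] if ENV["BRIDGETOWN_VERSION"]
 
+group :development, :test do
+gem "byebug"
+end
+
 group :test do
 gem "minitest"
 gem "minitest-profile"
 gem "minitest-reporters"
 gem "shoulda"
-end
-
+end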
data/README.md
CHANGED
@@ -1,5 +1,8 @@
|
|
1
1
|
# Bridgetown Content Security Policy
|
2
2
|
|
3
|
+
[![Tests](https://github.com/ayushn21/bridgetown-content-security-policy/actions/workflows/tests.yml/badge.svg?branch=main)](https://github.com/ayushn21/bridgetown-content-security-policy/actions/workflows/tests.yml)
|
4
|
+
[![Gem Version](https://badge.fury.io/rb/bridgetown-content-security-policy.svg)](https://badge.fury.io/rb/bridgetown-content-security-policy)
|
5
|
+
|
3
6
|
A Bridgetown plugin to include a [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) as a meta tag on all your pages.
|
4
7
|
|
5
8
|
## Installation
|
@@ -14,7 +17,7 @@ $ bundle exec bridgetown apply https://github.com/ayushn21/bridgetown-content-se
|
|
14
17
|
|
15
18
|
The plugin allows you to define one or more Content Security Policies using a convenient Ruby DSL.
|
16
19
|
|
17
|
-
The installation should create a `content_security_policy.config.rb` file in your project
|
20
|
+
The installation should create a `content_security_policy.config.rb` file in your project's `config` directory. More info about the DSL is contained in the file.
|
18
21
|
|
19
22
|
You can define a specific CSP for pages by setting `content_security_policy:` in your frontmatter; and then defining the relevent CSP in `content_security_policy.config.rb`.
|
20
23
|
|
@@ -43,3 +46,9 @@ Add the appropriate CSP tag in the `head` tag of **_your layout file_** to inclu
|
|
43
46
|
4. Commit your changes (`git commit -am 'Add some feature'`)
|
44
47
|
5. Push to the branch (`git push origin my-new-feature`)
|
45
48
|
6. Create a new Pull Request
|
49
|
+
|
50
|
+
## License
|
51
|
+
|
52
|
+
Bridgetown Content Security Policy is released under the [MIT License](https://opensource.org/licenses/MIT).
|
53
|
+
|
54
|
+
Copyright © 2021 [Ayush Newatia](https://twitter.com/ayushn21)
|
@@ -16,12 +16,12 @@ Gem::Specification.new do |spec|
|
|
16
16
|
spec.require_paths = ["lib"]
|
17
17
|
spec.metadata = {}
|
18
18
|
|
19
|
-
spec.required_ruby_version = ">= 2.
|
19
|
+
spec.required_ruby_version = ">= 2.7.0"
|
20
20
|
|
21
|
-
spec.add_dependency "bridgetown", ">= 0
|
21
|
+
spec.add_dependency "bridgetown", ">= 1.0", "< 2.0"
|
22
22
|
|
23
23
|
spec.add_development_dependency "bundler"
|
24
|
-
spec.add_development_dependency "nokogiri"
|
25
|
-
spec.add_development_dependency "rake"
|
26
|
-
spec.add_development_dependency "rubocop-bridgetown"
|
24
|
+
spec.add_development_dependency "nokogiri"
|
25
|
+
spec.add_development_dependency "rake"
|
26
|
+
spec.add_development_dependency "rubocop-bridgetown"
|
27
27
|
end
|
data/bridgetown.automation.rb
CHANGED
@@ -2,7 +2,7 @@ say_status :content_security_policy, "Installing the bridgetown-content-security
|
|
2
2
|
|
3
3
|
add_bridgetown_plugin "bridgetown-content-security-policy"
|
4
4
|
|
5
|
-
create_file "content_security_policy.config.rb" do
|
5
|
+
create_file "config/content_security_policy.config.rb" do
|
6
6
|
<<~RUBY
|
7
7
|
# The recommended default Content Security Policy
|
8
8
|
|
@@ -10,9 +10,6 @@ create_file "content_security_policy.config.rb" do
|
|
10
10
|
policy.default_src :self
|
11
11
|
policy.img_src :self, :data
|
12
12
|
policy.object_src :none
|
13
|
-
|
14
|
-
# Allow BrowserSync in development
|
15
|
-
policy.script_src :self, :unsafe_inline if Bridgetown.environment.development?
|
16
13
|
end
|
17
14
|
|
18
15
|
# All other policies with inherit from :default
|
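Review bot: The installer now writes `config/content_security_policy.config.rb`, but nothing visible here handles a site that already has the file in the project root from an earlier install. The builder hunk in this same diff requires the new path unconditionally, so such a site would presumably fail at build time until the file is moved by hand. A `say_status` line in the automation telling upgraders to move an existing root-level file, or a matching note in the README, would make the change visible at install time. The generated template's comment also has a typo and should read `# All other policies will inherit from :default`. The heredoc continues outside both hunks, so the rest of the template is not reviewed here.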
@@ -9,7 +9,7 @@ module BridgetownContentSecurityPolicy
|
|
9
9
|
|
10
10
|
class Builder < Bridgetown::Builder
|
11
11
|
def build
|
12
|
-
require_relative site.in_root_dir("content_security_policy.config.rb")
|
12
|
+
require_relative site.in_root_dir("config", "content_security_policy.config.rb")
|
13
13
|
|
14
14
|
unless default_policy
|
15
15
|
# rubocop:disable Layout/LineLength
|
@@ -49,7 +49,7 @@ module BridgetownContentSecurityPolicy
|
|
49
49
|
end
|
50
50
|
|
51
51
|
def markup_for_policy(policy)
|
52
|
-
"<meta http-equiv=\"Content-Security-Policy\" content=\"#{policy.build}\">"
|
52
|
+
"<meta http-equiv=\"Content-Security-Policy\" content=\"#{policy.build}\">".html_safe
|
53
53
|
end
|
54
54
|
|
55
55
|
def default_policy
|
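Review bot: In `markup_for_policy`, `.html_safe` now marks the whole tag as trusted while `policy.build` is still interpolated into the `content="…"` attribute unescaped. The markup is therefore well-formed only as long as the built policy never contains `"`, `<` or `&`. The policy comes from the site's own config file, so this is a robustness and defence-in-depth point rather than an untrusted-input bug. Escaping the value before marking the result safe keeps the guarantee local: `"<meta http-equiv=\"Content-Security-Policy\" content=\"#{ERB::Util.html_escape(policy.build)}\">".html_safe` (with `require "erb"` if it is not already loaded). Browsers decode the entities inside the attribute, so `'self'` still parses, but any test that compares the raw markup would need updating.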
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: bridgetown-content-security-policy
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Ayush Newatia
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2023-01-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bridgetown
|
@@ -16,7 +16,7 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '0
|
19
|
+
version: '1.0'
|
20
20
|
- - "<"
|
21
21
|
- !ruby/object:Gem::Version
|
22
22
|
version: '2.0'
|
@@ -26,7 +26,7 @@ dependencies:
|
|
26
26
|
requirements:
|
27
27
|
- - ">="
|
28
28
|
- !ruby/object:Gem::Version
|
29
|
-
version: '0
|
29
|
+
version: '1.0'
|
30
30
|
- - "<"
|
31
31
|
- !ruby/object:Gem::Version
|
32
32
|
version: '2.0'
|
@@ -48,50 +48,51 @@ dependencies:
|
|
48
48
|
name: nokogiri
|
49
49
|
requirement: !ruby/object:Gem::Requirement
|
50
50
|
requirements:
|
51
|
-
- - "
|
51
|
+
- - ">="
|
52
52
|
- !ruby/object:Gem::Version
|
53
|
-
version: '
|
53
|
+
version: '0'
|
54
54
|
type: :development
|
55
55
|
prerelease: false
|
56
56
|
version_requirements: !ruby/object:Gem::Requirement
|
57
57
|
requirements:
|
58
|
-
- - "
|
58
|
+
- - ">="
|
59
59
|
- !ruby/object:Gem::Version
|
60
|
-
version: '
|
60
|
+
version: '0'
|
61
61
|
- !ruby/object:Gem::Dependency
|
62
62
|
name: rake
|
63
63
|
requirement: !ruby/object:Gem::Requirement
|
64
64
|
requirements:
|
65
|
-
- - "
|
65
|
+
- - ">="
|
66
66
|
- !ruby/object:Gem::Version
|
67
|
-
version: '
|
67
|
+
version: '0'
|
68
68
|
type: :development
|
69
69
|
prerelease: false
|
70
70
|
version_requirements: !ruby/object:Gem::Requirement
|
71
71
|
requirements:
|
72
|
-
- - "
|
72
|
+
- - ">="
|
73
73
|
- !ruby/object:Gem::Version
|
74
|
-
version: '
|
74
|
+
version: '0'
|
75
75
|
- !ruby/object:Gem::Dependency
|
76
76
|
name: rubocop-bridgetown
|
77
77
|
requirement: !ruby/object:Gem::Requirement
|
78
78
|
requirements:
|
79
|
-
- - "
|
79
|
+
- - ">="
|
80
80
|
- !ruby/object:Gem::Version
|
81
|
-
version: '0
|
81
|
+
version: '0'
|
82
82
|
type: :development
|
83
83
|
prerelease: false
|
84
84
|
version_requirements: !ruby/object:Gem::Requirement
|
85
85
|
requirements:
|
86
|
-
- - "
|
86
|
+
- - ">="
|
87
87
|
- !ruby/object:Gem::Version
|
88
|
-
version: '0
|
89
|
-
description:
|
88
|
+
version: '0'
|
89
|
+
description:
|
90
90
|
email: ayush@hey.com
|
91
91
|
executables: []
|
92
92
|
extensions: []
|
93
93
|
extra_rdoc_files: []
|
94
94
|
files:
|
95
|
+
- ".github/workflows/tests.yml"
|
95
96
|
- ".gitignore"
|
96
97
|
- ".rubocop.yml"
|
97
98
|
- CHANGELOG.md
|
@@ -109,7 +110,7 @@ homepage: https://github.com/ayushn21/bridgetown-content-security-policy
|
|
109
110
|
licenses:
|
110
111
|
- MIT
|
111
112
|
metadata: {}
|
112
|
-
post_install_message:
|
113
|
+
post_install_message:
|
113
114
|
rdoc_options: []
|
114
115
|
require_paths:
|
115
116
|
- lib
|
@@ -117,15 +118,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
117
118
|
requirements:
|
118
119
|
- - ">="
|
119
120
|
- !ruby/object:Gem::Version
|
120
|
-
version: 2.
|
121
|
+
version: 2.7.0
|
121
122
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
122
123
|
requirements:
|
123
124
|
- - ">="
|
124
125
|
- !ruby/object:Gem::Version
|
125
126
|
version: '0'
|
126
127
|
requirements: []
|
127
|
-
rubygems_version: 3.
|
128
|
-
signing_key:
|
128
|
+
rubygems_version: 3.2.33
|
129
|
+
signing_key:
|
129
130
|
specification_version: 4
|
130
131
|
summary: Add a content security policy to your website using a convenient Ruby DSL
|
131
132
|
test_files: []
|