bridgetown-content-security-policy 1.0.0 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +2 -0
- data/CHANGELOG.md +14 -0
- data/Gemfile +5 -2
- data/README.md +1 -1
- data/bridgetown.automation.rb +1 -1
- data/lib/bridgetown-content-security-policy/builder.rb +2 -2
- data/lib/bridgetown-content-security-policy/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 12b56bfe7c0ab61d060c3a9b1267e51f4298d8b6be18b8f94c310170213f102b
|
|
4
|
+
data.tar.gz: 546b68954773e45cb3c3917917bf8b250763b37f9164a4d88780f8788ba47927
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8da299814926c78b587739fd1b16e64f1e757043aad12c18e38897213224b2b82b2961b73ce8b79ebe8fcb9a23e5f1316b758e26e7ee08104bda6028a0fe633f
|
|
7
|
+
data.tar.gz: 5c94a309e87eaa1a91363fed59cf0a392fce7945d946bdafd0e80ffb2fb8e5a44828338ee332c46b4c8ab76dce4d33753538606a6ce34012cde863e4c004d4f5
|
data/.gitignore
CHANGED
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,19 @@
|
|
|
1
1
|
# main
|
|
2
2
|
|
|
3
|
+
# 1.1.0 / 08-06-2021
|
|
4
|
+
|
|
5
|
+
* Change location of CSP config file to `config/`.
|
|
6
|
+
* Fix issue where escaped HTML was output in ERB templates.
|
|
7
|
+
|
|
8
|
+
# 1.0.0 / 19-01-2021
|
|
9
|
+
|
|
10
|
+
* Permit browsersync in development in the default policy
|
|
11
|
+
* Add helper for tilt based templates
|
|
12
|
+
|
|
13
|
+
# 0.1.1 / 13-01-2021
|
|
14
|
+
|
|
15
|
+
* Fix syntax
|
|
16
|
+
|
|
3
17
|
# 0.1.0 / 13-01-2021
|
|
4
18
|
|
|
5
19
|
* First version
|
data/Gemfile
CHANGED
|
@@ -5,10 +5,13 @@ gemspec
|
|
|
5
5
|
|
|
6
6
|
gem "bridgetown", ENV["BRIDGETOWN_VERSION"] if ENV["BRIDGETOWN_VERSION"]
|
|
7
7
|
|
|
8
|
+
group :development, :test do
|
|
9
|
+
gem "byebug"
|
|
10
|
+
end
|
|
11
|
+
|
|
8
12
|
group :test do
|
|
9
13
|
gem "minitest"
|
|
10
14
|
gem "minitest-profile"
|
|
11
15
|
gem "minitest-reporters"
|
|
12
16
|
gem "shoulda"
|
|
13
|
-
end
|
|
14
|
-
|
|
17
|
+
end
|
data/README.md
CHANGED
|
@@ -14,7 +14,7 @@ $ bundle exec bridgetown apply https://github.com/ayushn21/bridgetown-content-se
|
|
|
14
14
|
|
|
15
15
|
The plugin allows you to define one or more Content Security Policies using a convenient Ruby DSL.
|
|
16
16
|
|
|
17
|
-
The installation should create a `content_security_policy.config.rb` file in your project
|
|
17
|
+
The installation should create a `content_security_policy.config.rb` file in your project's `config` directory. More info about the DSL is contained in the file.
|
|
18
18
|
|
|
19
19
|
You can define a specific CSP for pages by setting `content_security_policy:` in your frontmatter; and then defining the relevent CSP in `content_security_policy.config.rb`.
|
|
20
20
|
|
data/bridgetown.automation.rb
CHANGED
|
@@ -2,7 +2,7 @@ say_status :content_security_policy, "Installing the bridgetown-content-security
|
|
|
2
2
|
|
|
3
3
|
add_bridgetown_plugin "bridgetown-content-security-policy"
|
|
4
4
|
|
|
5
|
-
create_file "content_security_policy.config.rb" do
|
|
5
|
+
create_file "config/content_security_policy.config.rb" do
|
|
6
6
|
<<~RUBY
|
|
7
7
|
# The recommended default Content Security Policy
|
|
8
8
|
|
|
@@ -9,7 +9,7 @@ module BridgetownContentSecurityPolicy
|
|
|
9
9
|
|
|
10
10
|
class Builder < Bridgetown::Builder
|
|
11
11
|
def build
|
|
12
|
-
require_relative site.in_root_dir("content_security_policy.config.rb")
|
|
12
|
+
require_relative site.in_root_dir("config", "content_security_policy.config.rb")
|
|
13
13
|
|
|
14
14
|
unless default_policy
|
|
15
15
|
# rubocop:disable Layout/LineLength
|
|
@@ -49,7 +49,7 @@ module BridgetownContentSecurityPolicy
|
|
|
49
49
|
end
|
|
50
50
|
|
|
51
51
|
def markup_for_policy(policy)
|
|
52
|
-
"<meta http-equiv=\"Content-Security-Policy\" content=\"#{policy.build}\">"
|
|
52
|
+
"<meta http-equiv=\"Content-Security-Policy\" content=\"#{policy.build}\">".html_safe
|
|
53
53
|
end
|
|
54
54
|
|
|
55
55
|
def default_policy
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bridgetown-content-security-policy
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ayush Newatia
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-06-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bridgetown
|