csp-util 1.1.0 → 1.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/csp_util.rb +1 -2
- data/lib/csp_util/directive.rb +41 -16
- data/lib/csp_util/directives.rb +59 -0
- data/lib/csp_util/version.rb +1 -1
- metadata +4 -5
- data/lib/csp_util/join_directives.rb +0 -9
- data/lib/csp_util/parse_directives.rb +0 -27
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5685705b8d2a895ab24cd1924ffb2bf3e29b4e076c08341bd40fe59bd2882910
|
|
4
|
+
data.tar.gz: 351d968a887cce2d67a987441d5380a50f6d9ef0cfe4c4192df059bb44289b97
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ae550162fe492a7a8b72586e26d4dabfada9accddd944b1df3ef2c71b8d11a7cc77380283244f5622003cab35979c1109f6ef4155418beba209c0caefcbc98aa
|
|
7
|
+
data.tar.gz: 3bc808773778786e4d8836beb47c6a071e68bf0569477d7d5909dc79c5f7bade9aeb2baa6b57be63f66480ae986c800fc3693b4d9c52d3942b6213ed1f0e90ef
|
data/lib/csp_util.rb
CHANGED
data/lib/csp_util/directive.rb
CHANGED
|
@@ -17,31 +17,56 @@ module CSPUtil
|
|
|
17
17
|
|
|
18
18
|
attr_reader :name, :value
|
|
19
19
|
|
|
20
|
-
def initialize(
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
@name = dir_name
|
|
25
|
-
@value =
|
|
26
|
-
if dir_value
|
|
27
|
-
dir_value.split(' ').map(&:strip)
|
|
28
|
-
else
|
|
29
|
-
[]
|
|
30
|
-
end
|
|
20
|
+
def initialize(name=nil, value=nil)
|
|
21
|
+
self.name = name if name
|
|
22
|
+
self.value = value if value
|
|
23
|
+
return self
|
|
31
24
|
end
|
|
32
25
|
|
|
33
|
-
def
|
|
34
|
-
|
|
26
|
+
def parse!(token)
|
|
27
|
+
name, value = token.split(' ', 2)
|
|
28
|
+
self.name = name
|
|
29
|
+
self.value = value
|
|
30
|
+
return self
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def name=(name)
|
|
34
|
+
validate_name!(name)
|
|
35
|
+
@name = name
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
def value=(value)
|
|
39
|
+
if value.is_a?(Array)
|
|
40
|
+
@value = value.map(&:strip)
|
|
41
|
+
elsif value
|
|
42
|
+
@value = value.split(' ').map(&:strip)
|
|
43
|
+
else
|
|
44
|
+
@value = []
|
|
45
|
+
end
|
|
46
|
+
end
|
|
35
47
|
|
|
36
|
-
|
|
48
|
+
def add_value(value)
|
|
49
|
+
if value.is_a?(Array)
|
|
50
|
+
@value = (@value << value).flatten.uniq
|
|
51
|
+
else
|
|
52
|
+
@value = (@value << value.strip).uniq
|
|
53
|
+
end
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
def delete_value(value)
|
|
57
|
+
@value.delete(value)
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def same_name?(another_directive)
|
|
61
|
+
@name.casecmp(another_directive.name).zero?
|
|
37
62
|
end
|
|
38
63
|
|
|
39
64
|
def to_h
|
|
40
|
-
{ name: name, value: value }
|
|
65
|
+
{ name: @name, value: @value }
|
|
41
66
|
end
|
|
42
67
|
|
|
43
68
|
def to_s
|
|
44
|
-
[name, value.join(' ')].reject(&:empty?).join(' ')
|
|
69
|
+
[@name, @value.join(' ')].reject(&:empty?).join(' ')
|
|
45
70
|
end
|
|
46
71
|
|
|
47
72
|
private
|
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module CSPUtil
|
|
4
|
+
class << self
|
|
5
|
+
def join_directives(directives)
|
|
6
|
+
directives.map(&:to_s).join('; ')
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
def add_to_directives(directives, directive)
|
|
10
|
+
# add value to existing directive
|
|
11
|
+
directives.each do |d|
|
|
12
|
+
if d.same_name?(directive)
|
|
13
|
+
d.add_value(directive.value)
|
|
14
|
+
return directives
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
# or add directive
|
|
19
|
+
return directives << directive
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
def delete_from_directives(directives, directive)
|
|
23
|
+
directives.each do |d|
|
|
24
|
+
if d.same_name?(directive)
|
|
25
|
+
d.value = d.value - directive.value
|
|
26
|
+
break
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
directives.reject! do |d|
|
|
31
|
+
d.value.size == 0
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
return directives
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
def parse_directives(serialized_policy)
|
|
38
|
+
tokens = serialized_policy.split(';')
|
|
39
|
+
tokens.each_with_object([]) do |token, directives|
|
|
40
|
+
token.strip!
|
|
41
|
+
next if token.empty?
|
|
42
|
+
|
|
43
|
+
directive = Directive.new
|
|
44
|
+
directive.parse!(token)
|
|
45
|
+
validate_uniqueness!(directive, directives)
|
|
46
|
+
|
|
47
|
+
directives << directive
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
private
|
|
52
|
+
|
|
53
|
+
def validate_uniqueness!(directive, directives)
|
|
54
|
+
return if directives.none? { |d| d.same_name?(directive) }
|
|
55
|
+
|
|
56
|
+
raise(DuplicateDirective, directive.name)
|
|
57
|
+
end
|
|
58
|
+
end
|
|
59
|
+
end
|
data/lib/csp_util/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: csp-util
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Templarbit
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-03-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: pry
|
|
@@ -83,9 +83,8 @@ files:
|
|
|
83
83
|
- csp-util.gemspec
|
|
84
84
|
- lib/csp_util.rb
|
|
85
85
|
- lib/csp_util/directive.rb
|
|
86
|
+
- lib/csp_util/directives.rb
|
|
86
87
|
- lib/csp_util/errors.rb
|
|
87
|
-
- lib/csp_util/join_directives.rb
|
|
88
|
-
- lib/csp_util/parse_directives.rb
|
|
89
88
|
- lib/csp_util/version.rb
|
|
90
89
|
homepage: https://github.com/templarbit/ruby-csp-util
|
|
91
90
|
licenses:
|
|
@@ -107,7 +106,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
107
106
|
version: '0'
|
|
108
107
|
requirements: []
|
|
109
108
|
rubyforge_project:
|
|
110
|
-
rubygems_version: 2.7.
|
|
109
|
+
rubygems_version: 2.7.6
|
|
111
110
|
signing_key:
|
|
112
111
|
specification_version: 4
|
|
113
112
|
summary: Content-Security-Policy utils
|
|
@@ -1,27 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
module CSPUtil
|
|
4
|
-
class << self
|
|
5
|
-
def parse_directives(serialized_policy)
|
|
6
|
-
tokens = serialized_policy.split(';')
|
|
7
|
-
|
|
8
|
-
tokens.each_with_object([]) do |token, directives|
|
|
9
|
-
token.strip!
|
|
10
|
-
next if token.empty?
|
|
11
|
-
|
|
12
|
-
directive = Directive.new(token)
|
|
13
|
-
validate_uniqueness!(directive, directives)
|
|
14
|
-
|
|
15
|
-
directives << directive
|
|
16
|
-
end
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
private
|
|
20
|
-
|
|
21
|
-
def validate_uniqueness!(directive, directives)
|
|
22
|
-
return if directives.none? { |d| d.same_name?(directive) }
|
|
23
|
-
|
|
24
|
-
raise(DuplicateDirective, directive.name)
|
|
25
|
-
end
|
|
26
|
-
end
|
|
27
|
-
end
|