RubyGems - enforce_same_origin - Versions diffs - 0.0.1 → 0.0.2 - Mend

enforce_same_origin 0.0.1 → 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/enforce_same_origin/rack/enforce_same_origin.rb +5 -2
data/lib/enforce_same_origin/version.rb +1 -1
data/spec/rack/enforce_same_origin_spec.rb +11 -3
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 96462b752576b00c4947b6e59dc943a1bdee738a
-  data.tar.gz: c5a24d61d34393bfa22cd87b003968d753b6a6b2
+  metadata.gz: d4230cec41ec95bb8df4b3048b2da4d2a4573c52
+  data.tar.gz: b447457e7275e38404093edfa029700ddbb1bdda
 SHA512:
-  metadata.gz: 784fff946e95ba9604cafee78fcb2028f5ea685dd3f41c7ef3dfe446d083e0315776c54c08dd66baceb4583ea738fbd5345904fc0992a785854b7fad1d4a95e7
-  data.tar.gz: 4a84c35906f67209b6cdf2b4fe89df29244cf65920917c52254881df2969c5f83660b046142714edf583a8dbcf8f7d8f8311f1590d95bb36bfac8e4f4de9978b
+  metadata.gz: e6377ceddde22d4c613929d42f02ab81d985287291e8f100944cb7152b9fb75263a0a4f63ee8511f6be52336f01ef78c35ecaf5e2178710153d7548a716734e7
+  data.tar.gz: 6a07b7dc5fa288185392ea005def4c91f51f19f0fcdb564ed16302b326892bb4036e1a6580cb3a48f3a5b234d6defaa22d727c06a14ec52e5f2170a3a7ee9d11

data/lib/enforce_same_origin/rack/enforce_same_origin.rb CHANGED Viewed

@@ -8,8 +8,11 @@ module Rack
     def call(env)
       response = @app.call(env)
       headers = Rack::Utils::HeaderHash.new(response[1])
-      headers['X-Frame-Options'] = 'SAMEORIGIN'
-      response[1] = headers
+      unless headers['X-Frame-Options'] == 'SAMEORIGIN'
+        headers['X-Frame-Options'] = 'SAMEORIGIN'
+        response[1] = headers
+      end
       response
     end

data/lib/enforce_same_origin/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 class EnforceSameOrigin
-  VERSION = "0.0.1"
+  VERSION = "0.0.2"
 end

data/spec/rack/enforce_same_origin_spec.rb CHANGED Viewed

@@ -6,7 +6,15 @@ describe Rack::EnforceSameOrigin do
   let(:response) { request.call({ }) }
   let(:response_headers) { response[1] }
-   it 'sets X-Frame-Options correctly' do
-     expect(response_headers['X-Frame-Options']).to eq 'SAMEORIGIN'
-   end
+  it 'sets X-Frame-Options correctly' do
+    expect(response_headers['X-Frame-Options']).to eq 'SAMEORIGIN'
+  end
+  context "when the header is already set" do
+    let(:app) { Proc.new {[200, { 'X-Frame-Options' => 'SAMEORIGIN' }, [ ]]} }
+    it "doesn't duplicate the X-Frame-Options" do
+      expect(response_headers['X-Frame-Options']).to eq 'SAMEORIGIN'
+    end
+  end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: enforce_same_origin
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.2
 platform: ruby
 authors:
 - Patrick Tulskie