enforce_same_origin 0.0.1 → 0.0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/enforce_same_origin/rack/enforce_same_origin.rb +5 -2
  3. data/lib/enforce_same_origin/version.rb +1 -1
  4. data/spec/rack/enforce_same_origin_spec.rb +11 -3
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 96462b752576b00c4947b6e59dc943a1bdee738a
4
- data.tar.gz: c5a24d61d34393bfa22cd87b003968d753b6a6b2
3
+ metadata.gz: d4230cec41ec95bb8df4b3048b2da4d2a4573c52
4
+ data.tar.gz: b447457e7275e38404093edfa029700ddbb1bdda
5
5
  SHA512:
6
- metadata.gz: 784fff946e95ba9604cafee78fcb2028f5ea685dd3f41c7ef3dfe446d083e0315776c54c08dd66baceb4583ea738fbd5345904fc0992a785854b7fad1d4a95e7
7
- data.tar.gz: 4a84c35906f67209b6cdf2b4fe89df29244cf65920917c52254881df2969c5f83660b046142714edf583a8dbcf8f7d8f8311f1590d95bb36bfac8e4f4de9978b
6
+ metadata.gz: e6377ceddde22d4c613929d42f02ab81d985287291e8f100944cb7152b9fb75263a0a4f63ee8511f6be52336f01ef78c35ecaf5e2178710153d7548a716734e7
7
+ data.tar.gz: 6a07b7dc5fa288185392ea005def4c91f51f19f0fcdb564ed16302b326892bb4036e1a6580cb3a48f3a5b234d6defaa22d727c06a14ec52e5f2170a3a7ee9d11
data/lib/enforce_same_origin/rack/enforce_same_origin.rb CHANGED
@@ -8,8 +8,11 @@ module Rack
8
8
  def call(env)
9
9
  response = @app.call(env)
10
10
  headers = Rack::Utils::HeaderHash.new(response[1])
11
- headers['X-Frame-Options'] = 'SAMEORIGIN'
12
- response[1] = headers
11
+
12
+ unless headers['X-Frame-Options'] == 'SAMEORIGIN'
13
+ headers['X-Frame-Options'] = 'SAMEORIGIN'
14
+ response[1] = headers
15
+ end
13
16
 
14
17
  response
15
18
  end
data/lib/enforce_same_origin/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  class EnforceSameOrigin
2
- VERSION = "0.0.1"
2
+ VERSION = "0.0.2"
3
3
  end
data/spec/rack/enforce_same_origin_spec.rb CHANGED
@@ -6,7 +6,15 @@ describe Rack::EnforceSameOrigin do
6
6
  let(:response) { request.call({ }) }
7
7
  let(:response_headers) { response[1] }
8
8
 
9
- it 'sets X-Frame-Options correctly' do
10
- expect(response_headers['X-Frame-Options']).to eq 'SAMEORIGIN'
11
- end
9
+ it 'sets X-Frame-Options correctly' do
10
+ expect(response_headers['X-Frame-Options']).to eq 'SAMEORIGIN'
11
+ end
12
+
13
+ context "when the header is already set" do
14
+ let(:app) { Proc.new {[200, { 'X-Frame-Options' => 'SAMEORIGIN' }, [ ]]} }
15
+
16
+ it "doesn't duplicate the X-Frame-Options" do
17
+ expect(response_headers['X-Frame-Options']).to eq 'SAMEORIGIN'
18
+ end
19
+ end
12
20
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: enforce_same_origin
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Patrick Tulskie