RubyGems - govuk_app_config - Versions diffs - 1.18.1 → 1.19.0 - Mend

govuk_app_config 1.18.1 → 1.19.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +5 -0
data/lib/govuk_app_config/govuk_content_security_policy.rb +2 -3
data/lib/govuk_app_config/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a50c0d77a0aae41136b1099a036a761c3e1a965ecb0184879f8f722d40786108
-  data.tar.gz: 87d38200558b9f2b945910ee6447cb150d53e83ad06005e0fa5c439ef70eb79d
+  metadata.gz: 6d37e912e97b61b2e44e7426227dec0d41ba54f038d0c699bc211fdaf16a0d78
+  data.tar.gz: ee89d83862262cedf567af94127caee6742418442a510a801e319a97af68d8e7
 SHA512:
-  metadata.gz: af87829f8bf53a26b7df8b612e3a113c5d14ac0b3f09609bb62751c8376b20c81b37958702f43a9829d5c20ccaaf784c2b0e09ad9a5da034e323e2db228af7b2
-  data.tar.gz: 7786abef8b8319af18b79779e98f721c3526947d804534ef6f78c4b47b14e380997052de3f3fa10e8d4d4f661855fce1fa466894b7d8eab447ea54d12f75ad82
+  metadata.gz: f33fd6b8fa2860522faaf3bc0b98464060bf38f66844c81ba93e71d98cc0f10e7dd15f6dd70384ee49b8b644ca82816b7a53fd4f5310807f7582bc073d15a28d
+  data.tar.gz: f9a936b6ef4d608aa7de868b4eeb933c5f98301f8f7fa9d0397dcbc454bde939a1e4f0b624e5739461b042f3adac0bba1526d291f96bd806c6b9996d0c7084a5

data/CHANGELOG.md CHANGED

@@ -1,3 +1,8 @@
+# 1.19.0
+* Use `GOVUK_CSP_REPORT_ONLY` and `GOVUK_CSP_REPORT_URI` to configure
+  content security policy.
 # 1.18.1
 * Fix incorrect report_uri= method usage in content security policy

data/lib/govuk_app_config/govuk_content_security_policy.rb CHANGED

@@ -71,12 +71,11 @@ module GovukContentSecurityPolicy
     # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-src
     policy.frame_src :self, *GOVUK_DOMAINS, "www.youtube.com" # Allow youtube embeds
-    # AWS Lambda function that filters out junk reports.
-    policy.report_uri "https://jhpno0hk6b.execute-api.eu-west-2.amazonaws.com/production" if Rails.env.production?
+    policy.report_uri ENV["GOVUK_CSP_REPORT_URI"] if ENV.include?("GOVUK_CSP_REPORT_URI")
   end
   def self.configure
-    Rails.application.config.content_security_policy_report_only = true if Rails.env.production?
+    Rails.application.config.content_security_policy_report_only = ENV.include?("GOVUK_CSP_REPORT_ONLY")
     Rails.application.config.content_security_policy(&method(:build_policy))
   end

data/lib/govuk_app_config/version.rb CHANGED

@@ -1,3 +1,3 @@
 module GovukAppConfig
-  VERSION = "1.18.1"
+  VERSION = "1.19.0"
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: govuk_app_config
 version: !ruby/object:Gem::Version
-  version: 1.18.1
+  version: 1.19.0
 platform: ruby
 authors:
 - GOV.UK Dev
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-06-03 00:00:00.000000000 Z
+date: 2019-06-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-xray-sdk