govuk_app_config 1.18.1 → 1.19.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/lib/govuk_app_config/govuk_content_security_policy.rb +2 -3
- data/lib/govuk_app_config/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6d37e912e97b61b2e44e7426227dec0d41ba54f038d0c699bc211fdaf16a0d78
|
4
|
+
data.tar.gz: ee89d83862262cedf567af94127caee6742418442a510a801e319a97af68d8e7
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f33fd6b8fa2860522faaf3bc0b98464060bf38f66844c81ba93e71d98cc0f10e7dd15f6dd70384ee49b8b644ca82816b7a53fd4f5310807f7582bc073d15a28d
|
7
|
+
data.tar.gz: f9a936b6ef4d608aa7de868b4eeb933c5f98301f8f7fa9d0397dcbc454bde939a1e4f0b624e5739461b042f3adac0bba1526d291f96bd806c6b9996d0c7084a5
|
data/CHANGELOG.md
CHANGED
@@ -71,12 +71,11 @@ module GovukContentSecurityPolicy
|
|
71
71
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-src
|
72
72
|
policy.frame_src :self, *GOVUK_DOMAINS, "www.youtube.com" # Allow youtube embeds
|
73
73
|
|
74
|
-
|
75
|
-
policy.report_uri "https://jhpno0hk6b.execute-api.eu-west-2.amazonaws.com/production" if Rails.env.production?
|
74
|
+
policy.report_uri ENV["GOVUK_CSP_REPORT_URI"] if ENV.include?("GOVUK_CSP_REPORT_URI")
|
76
75
|
end
|
77
76
|
|
78
77
|
def self.configure
|
79
|
-
Rails.application.config.content_security_policy_report_only =
|
78
|
+
Rails.application.config.content_security_policy_report_only = ENV.include?("GOVUK_CSP_REPORT_ONLY")
|
80
79
|
|
81
80
|
Rails.application.config.content_security_policy(&method(:build_policy))
|
82
81
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: govuk_app_config
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.19.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- GOV.UK Dev
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-06-
|
11
|
+
date: 2019-06-12 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-xray-sdk
|