govuk_app_config 1.19.0 → 1.20.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +7 -0
- data/README.md +2 -2
- data/govuk_app_config.gemspec +6 -6
- data/lib/govuk_app_config/configure.rb +9 -18
- data/lib/govuk_app_config/govuk_content_security_policy.rb +4 -2
- data/lib/govuk_app_config/version.rb +1 -1
- metadata +34 -16
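--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 835a2266696c7d95ca1e986e01361d08c7ada615f9ca5de5380c8b1a0f75778c
+data.tar.gz: ff9421aa81df71f3ed5c71676e247816ce72362cf7e78931dfe02b385b709f11
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 27c781bd285e5a39d4cd4fdff347589e39e646bbb36881f3f147bfc4461250d5c3c2c2b5e79daead39f42af25d7de0812e6d389142456b6ff3159eb16749f6a9
+data.tar.gz: 5408fc6e77e8725d74c0e181061c82fedb90f84fa35616e5ce0bc6deca50a82248081041111db6523d28597d220c8e0e14e377b0832e0ad058ba5b0f842a4710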
data/CHANGELOG.md
CHANGED
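--- a/data/README.md
+++ b/data/README.md
@@ -119,8 +119,8 @@ logs to `STDOUT` and unstructed logs to `STDERR`.
 ## Content Security Policy generation
 
 For frontend apps, configuration can be added to generate and serve a
-content security policy header. The policy is report only when the
-environment is set
+content security policy header. The policy is report only when the
+environment variable `GOVUK_CSP_REPORT_ONLY` is set, and enforced otherwise.
 
 To enable this feature, create a file at `config/initializers/csp.rb` in the
 app with the following content: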
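--- a/data/govuk_app_config.gemspec
+++ b/data/govuk_app_config.gemspec
@@ -23,15 +23,15 @@ Gem::Specification.new do |spec|
 
 spec.add_dependency "aws-xray-sdk", "~> 0.10.0"
 spec.add_dependency "statsd-ruby", "~> 1.4.0"
-spec.add_dependency "logstasher", "
-spec.add_dependency "sentry-raven", "
-spec.add_dependency "unicorn", "
+spec.add_dependency "logstasher", ">= 1.2.2", "< 1.4.0"
+spec.add_dependency "sentry-raven", ">= 2.7.1", "< 2.10.0"
+spec.add_dependency "unicorn", ">= 5.4", "< 5.6"
 
 spec.add_development_dependency "bundler", "~> 1.15"
 spec.add_development_dependency "rails", "~> 5"
-spec.add_development_dependency "rake", "~>
-spec.add_development_dependency "rspec", "~> 3.
-spec.add_development_dependency "rspec-its", "~> 1.
+spec.add_development_dependency "rake", "~> 12.3"
+spec.add_development_dependency "rspec", "~> 3.8.0"
+spec.add_development_dependency "rspec-its", "~> 1.3.0"
 spec.add_development_dependency "climate_control"
 spec.add_development_dependency "webmock"
 spec.add_development_dependency "pry"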
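Review bot: The `sentry-raven` range keeps 2.7.1 as its floor, while the configure hunks in this same release start assigning `config.before_send` and `config.inspect_exception_causes_for_exclusion`. If either setter is missing from the oldest sentry-raven this range permits, an app that resolves to that version would presumably fail with a NoMethodError when the initializer runs. I would confirm which release introduced each option and raise the floor to match, e.g. `spec.add_dependency "sentry-raven", ">= <FIRST_RELEASE_WITH_BOTH_OPTIONS>", "< 2.10.0"` (placeholder, not a real version). The `Gem::Specification` block starts and ends outside the hunk.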
@@ -1,23 +1,7 @@
|
|
1
|
-
if defined?(Airbrake)
|
2
|
-
raise "This gem isn't compatible with Airbrake. Please remove it from the Gemfile."
|
3
|
-
end
|
4
|
-
|
5
1
|
GovukError.configure do |config|
|
6
|
-
|
7
|
-
# there's a better way: https://github.com/getsentry/raven-ruby/pull/750
|
8
|
-
config.should_capture = Proc.new { |e|
|
2
|
+
config.before_send = Proc.new { |e|
|
9
3
|
GovukStatsd.increment("errors_occurred")
|
10
|
-
|
11
|
-
# For backwards compatibility
|
12
|
-
GovukStatsd.increment("errbit.errors_occurred")
|
13
|
-
|
14
|
-
exception_class = e.respond_to?(:original_exception) ? e.original_exception.class : e.class
|
15
|
-
if exception_class.ancestors.any? { |c| c.name =~ /^GdsApi::(HTTPIntermittent|TimedOutException)/ }
|
16
|
-
GovukStatsd.increment("gds_api_adapters.errors.#{e.class.name.demodulize.underscore}")
|
17
|
-
false
|
18
|
-
else
|
19
|
-
true
|
20
|
-
end
|
4
|
+
GovukStatsd.increment("error_types.#{e.class.name.demodulize.underscore}")
|
21
5
|
}
|
22
6
|
|
23
7
|
config.silence_ready = !Rails.env.production? if defined?(Rails)
|
@@ -34,10 +18,17 @@ GovukError.configure do |config|
|
|
34
18
|
'ActiveJob::DeserializationError',
|
35
19
|
'ActiveRecord::RecordNotFound',
|
36
20
|
'CGI::Session::CookieStore::TamperedWithCookie',
|
21
|
+
'GdsApi::HTTPIntermittent',
|
22
|
+
'GdsApi::TimedOutException',
|
37
23
|
'Mongoid::Errors::DocumentNotFound',
|
38
24
|
'Sinatra::NotFound',
|
39
25
|
]
|
40
26
|
|
27
|
+
# This will exclude exceptions that are triggered by one of the ignored
|
28
|
+
# exceptions. For example, when any exception occurs in a template,
|
29
|
+
# Rails will raise a ActionView::Template::Error, instead of the original error.
|
30
|
+
config.inspect_exception_causes_for_exclusion = true
|
31
|
+
|
41
32
|
config.transport_failure_callback = Proc.new {
|
42
33
|
GovukStatsd.increment("error_reports_failed")
|
43
34
|
}
|
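Review bot: In the `@@ -1,23 +1,7 @@` hunk (presumably lib/govuk_app_config/configure.rb, going by the file list), the new `config.before_send` block ends with `GovukStatsd.increment(...)`, so the callback returns the StatsD client's return value, not the event. As far as I know, sentry-raven sends whatever `before_send` returns and discards the report on a nil return, so this could silently drop error reports. The callback also receives the event and a hint rather than the exception, so `e.class.name` would name the event class, not the error type. I would open the block with `config.before_send = Proc.new { |event, hint|`, derive the metric name from `hint[:exception]` when it is present, and end the block with `event`. A spec asserting that the callback returns the event it was given would keep this from regressing; the `GovukError.configure` block continues outside both hunks.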
@@ -10,7 +10,8 @@ module GovukContentSecurityPolicy
|
|
10
10
|
|
11
11
|
GOVUK_DOMAINS = [
|
12
12
|
'*.publishing.service.gov.uk',
|
13
|
-
"*.#{ENV['GOVUK_APP_DOMAIN_EXTERNAL'] || ENV['GOVUK_APP_DOMAIN'] || 'dev.gov.uk'}"
|
13
|
+
"*.#{ENV['GOVUK_APP_DOMAIN_EXTERNAL'] || ENV['GOVUK_APP_DOMAIN'] || 'dev.gov.uk'}",
|
14
|
+
"*.dev.gov.uk"
|
14
15
|
].uniq.freeze
|
15
16
|
|
16
17
|
GOOGLE_ANALYTICS_DOMAINS = %w(www.google-analytics.com
|
@@ -38,6 +39,7 @@ module GovukContentSecurityPolicy
|
|
38
39
|
# Allow YouTube Embeds (Govspeak turns YouTube links into embeds)
|
39
40
|
"*.ytimg.com",
|
40
41
|
"www.youtube.com",
|
42
|
+
"www.youtube-nocookie.com",
|
41
43
|
# Allow all inline scripts until we can conclusively
|
42
44
|
# document all the inline scripts we use,
|
43
45
|
# and there's a better way to filter out junk reports
|
@@ -69,7 +71,7 @@ module GovukContentSecurityPolicy
|
|
69
71
|
policy.object_src :none
|
70
72
|
|
71
73
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-src
|
72
|
-
policy.frame_src :self, *GOVUK_DOMAINS, "www.youtube.com" # Allow youtube embeds
|
74
|
+
policy.frame_src :self, *GOVUK_DOMAINS, "www.youtube.com", "www.youtube-nocookie.com" # Allow youtube embeds
|
73
75
|
|
74
76
|
policy.report_uri ENV["GOVUK_CSP_REPORT_URI"] if ENV.include?("GOVUK_CSP_REPORT_URI")
|
75
77
|
end
|
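Review bot: `"*.dev.gov.uk"` is now appended to `GOVUK_DOMAINS` unconditionally in the `@@ -10,7 +10,8 @@` hunk, so every environment, production included, serves a policy that trusts that wildcard wherever the constant is splatted. That is `policy.frame_src` in this section; other directives that may use it are outside the visible hunks. Before this change the development domain appeared only as the fallback when neither `GOVUK_APP_DOMAIN_EXTERNAL` nor `GOVUK_APP_DOMAIN` was set. If the entry is needed only for local development, gate it on the environment, for example `("*.dev.gov.uk" unless defined?(Rails) && Rails.env.production?)` followed by `].compact.uniq.freeze`, and add a comment above it stating why a development domain belongs in the list. The array's module and the policy block both continue outside the hunks.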
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: govuk_app_config
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.20.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- GOV.UK Dev
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-
|
11
|
+
date: 2019-07-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-xray-sdk
|
@@ -42,44 +42,62 @@ dependencies:
|
|
42
42
|
name: logstasher
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
44
44
|
requirements:
|
45
|
-
- - "
|
45
|
+
- - ">="
|
46
46
|
- !ruby/object:Gem::Version
|
47
47
|
version: 1.2.2
|
48
|
+
- - "<"
|
49
|
+
- !ruby/object:Gem::Version
|
50
|
+
version: 1.4.0
|
48
51
|
type: :runtime
|
49
52
|
prerelease: false
|
50
53
|
version_requirements: !ruby/object:Gem::Requirement
|
51
54
|
requirements:
|
52
|
-
- - "
|
55
|
+
- - ">="
|
53
56
|
- !ruby/object:Gem::Version
|
54
57
|
version: 1.2.2
|
58
|
+
- - "<"
|
59
|
+
- !ruby/object:Gem::Version
|
60
|
+
version: 1.4.0
|
55
61
|
- !ruby/object:Gem::Dependency
|
56
62
|
name: sentry-raven
|
57
63
|
requirement: !ruby/object:Gem::Requirement
|
58
64
|
requirements:
|
59
|
-
- - "
|
65
|
+
- - ">="
|
60
66
|
- !ruby/object:Gem::Version
|
61
67
|
version: 2.7.1
|
68
|
+
- - "<"
|
69
|
+
- !ruby/object:Gem::Version
|
70
|
+
version: 2.10.0
|
62
71
|
type: :runtime
|
63
72
|
prerelease: false
|
64
73
|
version_requirements: !ruby/object:Gem::Requirement
|
65
74
|
requirements:
|
66
|
-
- - "
|
75
|
+
- - ">="
|
67
76
|
- !ruby/object:Gem::Version
|
68
77
|
version: 2.7.1
|
78
|
+
- - "<"
|
79
|
+
- !ruby/object:Gem::Version
|
80
|
+
version: 2.10.0
|
69
81
|
- !ruby/object:Gem::Dependency
|
70
82
|
name: unicorn
|
71
83
|
requirement: !ruby/object:Gem::Requirement
|
72
84
|
requirements:
|
73
|
-
- - "
|
85
|
+
- - ">="
|
86
|
+
- !ruby/object:Gem::Version
|
87
|
+
version: '5.4'
|
88
|
+
- - "<"
|
74
89
|
- !ruby/object:Gem::Version
|
75
|
-
version: 5.
|
90
|
+
version: '5.6'
|
76
91
|
type: :runtime
|
77
92
|
prerelease: false
|
78
93
|
version_requirements: !ruby/object:Gem::Requirement
|
79
94
|
requirements:
|
80
|
-
- - "
|
95
|
+
- - ">="
|
96
|
+
- !ruby/object:Gem::Version
|
97
|
+
version: '5.4'
|
98
|
+
- - "<"
|
81
99
|
- !ruby/object:Gem::Version
|
82
|
-
version: 5.
|
100
|
+
version: '5.6'
|
83
101
|
- !ruby/object:Gem::Dependency
|
84
102
|
name: bundler
|
85
103
|
requirement: !ruby/object:Gem::Requirement
|
@@ -114,42 +132,42 @@ dependencies:
|
|
114
132
|
requirements:
|
115
133
|
- - "~>"
|
116
134
|
- !ruby/object:Gem::Version
|
117
|
-
version: '
|
135
|
+
version: '12.3'
|
118
136
|
type: :development
|
119
137
|
prerelease: false
|
120
138
|
version_requirements: !ruby/object:Gem::Requirement
|
121
139
|
requirements:
|
122
140
|
- - "~>"
|
123
141
|
- !ruby/object:Gem::Version
|
124
|
-
version: '
|
142
|
+
version: '12.3'
|
125
143
|
- !ruby/object:Gem::Dependency
|
126
144
|
name: rspec
|
127
145
|
requirement: !ruby/object:Gem::Requirement
|
128
146
|
requirements:
|
129
147
|
- - "~>"
|
130
148
|
- !ruby/object:Gem::Version
|
131
|
-
version: 3.
|
149
|
+
version: 3.8.0
|
132
150
|
type: :development
|
133
151
|
prerelease: false
|
134
152
|
version_requirements: !ruby/object:Gem::Requirement
|
135
153
|
requirements:
|
136
154
|
- - "~>"
|
137
155
|
- !ruby/object:Gem::Version
|
138
|
-
version: 3.
|
156
|
+
version: 3.8.0
|
139
157
|
- !ruby/object:Gem::Dependency
|
140
158
|
name: rspec-its
|
141
159
|
requirement: !ruby/object:Gem::Requirement
|
142
160
|
requirements:
|
143
161
|
- - "~>"
|
144
162
|
- !ruby/object:Gem::Version
|
145
|
-
version: 1.
|
163
|
+
version: 1.3.0
|
146
164
|
type: :development
|
147
165
|
prerelease: false
|
148
166
|
version_requirements: !ruby/object:Gem::Requirement
|
149
167
|
requirements:
|
150
168
|
- - "~>"
|
151
169
|
- !ruby/object:Gem::Version
|
152
|
-
version: 1.
|
170
|
+
version: 1.3.0
|
153
171
|
- !ruby/object:Gem::Dependency
|
154
172
|
name: climate_control
|
155
173
|
requirement: !ruby/object:Gem::Requirement
|