jekyll-csp 1.0.0 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/jekyll-csp/csp.rb +24 -18
- data/lib/jekyll-csp/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 87bf794c740e33e1683dc6bd37e54d0fac6dc44342f8af9d03938e5a39ead8dd
|
|
4
|
+
data.tar.gz: e5ed9bd0bc9136eada039e26fa184332c9c281b5251f0bfd6beb6e971d20b45a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e66bfa97a218e35b098509ece896d2f35d55af23b35cef1f14660e9c07cf26bc6cf5ddda9ffabfabaabadcf791a858dbaf6aab1c0bc236c82e12812aae488a90
|
|
7
|
+
data.tar.gz: 70bf27b010d71e5dc876744f3577b627561ea3231b039390abd10ff0bc72c084cf399a830b1129d3050147f22fc15152b7832f5538c10c5d7cb0146c38ff4208
|
data/lib/jekyll-csp/csp.rb
CHANGED
|
@@ -28,7 +28,7 @@ module CSP
|
|
|
28
28
|
@indentation = config['indentation'] || 2
|
|
29
29
|
@enable_newlines = config['newlines'].to_s ? config['newlines'] : true
|
|
30
30
|
@debug = config['debug'].to_s ? config['debug'] : false
|
|
31
|
-
@
|
|
31
|
+
@inject_self = config['inject_self'] || ['script-src', 'style-src', 'img-src', 'frame-src']
|
|
32
32
|
|
|
33
33
|
if @enable_newlines == false
|
|
34
34
|
@indentation = 0
|
|
@@ -37,7 +37,6 @@ module CSP
|
|
|
37
37
|
self.write_debug_log(config)
|
|
38
38
|
end
|
|
39
39
|
|
|
40
|
-
|
|
41
40
|
##
|
|
42
41
|
# Write a debug log
|
|
43
42
|
def write_debug_log(content)
|
|
@@ -55,8 +54,12 @@ module CSP
|
|
|
55
54
|
# Line separator
|
|
56
55
|
line_sep = @enable_newlines ? "\n" : ""
|
|
57
56
|
|
|
57
|
+
if items.empty?
|
|
58
|
+
return "" << line_sep << self.get_indent_str(3) << tag << ';'
|
|
59
|
+
end
|
|
60
|
+
|
|
58
61
|
"" \
|
|
59
|
-
<< line_sep
|
|
62
|
+
<< line_sep \
|
|
60
63
|
<< self.get_indent_str(3) \
|
|
61
64
|
<< tag \
|
|
62
65
|
<< " " \
|
|
@@ -85,6 +88,7 @@ module CSP
|
|
|
85
88
|
csp['content'] = meta_content
|
|
86
89
|
end
|
|
87
90
|
|
|
91
|
+
## Locate an existing CSP or create one
|
|
88
92
|
def get_or_create_csp_tag
|
|
89
93
|
csp = @nokogiri.at_xpath("//meta[translate(@http-equiv, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz') = 'content-security-policy']")
|
|
90
94
|
|
|
@@ -119,20 +123,24 @@ module CSP
|
|
|
119
123
|
policies = content.split(';')
|
|
120
124
|
|
|
121
125
|
policies.each do |policy|
|
|
122
|
-
policy = policy.strip
|
|
126
|
+
policy = policy.strip
|
|
127
|
+
|
|
128
|
+
policy_tag = policy
|
|
129
|
+
policy_items = []
|
|
123
130
|
|
|
124
131
|
if policy.include? ' '
|
|
125
132
|
policy_parts = policy.split(' ')
|
|
133
|
+
policy_tag = policy_parts[0]
|
|
134
|
+
policy_items = policy_parts.drop(1)
|
|
135
|
+
end
|
|
126
136
|
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
if !@csp_tags.key?(policy_parts[0])
|
|
131
|
-
@csp_tags[policy_parts[0]] = []
|
|
132
|
-
end
|
|
133
|
-
|
|
134
|
-
@csp_tags[policy_parts[0]].concat(policy_parts.drop(1))
|
|
137
|
+
# If an existing tag doesn't exist, add it
|
|
138
|
+
if !@csp_tags.key?(policy_tag)
|
|
139
|
+
@csp_tags[policy_tag] = []
|
|
135
140
|
end
|
|
141
|
+
|
|
142
|
+
# Concat the tag items
|
|
143
|
+
@csp_tags[policy_tag].concat(policy_items)
|
|
136
144
|
end
|
|
137
145
|
|
|
138
146
|
@nokogiri.search('meta[http-equiv="Content-Security-Policy"]').each do |el|
|
|
@@ -144,12 +152,10 @@ module CSP
|
|
|
144
152
|
##
|
|
145
153
|
# Initialize some default values
|
|
146
154
|
def inject_defaults
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
@csp_tags.each do |tag, items|
|
|
152
|
-
items.push("'self'")
|
|
155
|
+
@csp_tags.each do |directive, properties|
|
|
156
|
+
if @inject_self.include? directive
|
|
157
|
+
properties.push("'self'")
|
|
158
|
+
end
|
|
153
159
|
end
|
|
154
160
|
end
|
|
155
161
|
|
data/lib/jekyll-csp/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: jekyll-csp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- scottstraughan
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-05-
|
|
11
|
+
date: 2025-05-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: jekyll
|