RubyGems - philiprehberger-header_kit - Versions diffs - 0.2.0 → 0.3.1 - Mend

philiprehberger-header_kit 0.2.0 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +14 -0
data/README.md +68 -8
data/lib/philiprehberger/header_kit/cors.rb +29 -0
data/lib/philiprehberger/header_kit/forwarded.rb +47 -0
data/lib/philiprehberger/header_kit/security.rb +27 -0
data/lib/philiprehberger/header_kit/version.rb +1 -1
data/lib/philiprehberger/header_kit.rb +43 -0
metadata +9 -6

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3d4bcbb3c1002def0f437335a19871b535ce7764369d43fed1c4a1548367988f
-  data.tar.gz: 03dea17ed3566ea8cce9ea8511f741c92487113b6ba0a4cdb899ab1835f07009
+  metadata.gz: b397e499d587d20070ad785372aa81dc6574f583de2663cb105598ba229f3b52
+  data.tar.gz: cf8de787ddaa0f5cf2c95efa89f17e8db64d0368262bdd691b29c029fc0587fe
 SHA512:
-  metadata.gz: 35c43a782a9e1ba431f972d18ec2c248a6141e96f79c082d09a2a48f973aee449d684011e4b70e3f95b4c488ff71fb1537c8da716e0186669e9ca974ff267792
-  data.tar.gz: 1b82e5bdea29824445c2097f21009f57a0f71cebbd80799386aed785e2247de8a4c87bd65136e198fea1150485c6909264f21cfed3970a2365c47c61ca7b7ce7
+  metadata.gz: 600588c8096d75b8b8559a2aa0d9477025a7e02706e3906f7c57297999f303083078f8dd7dfe75c70a56a2ddb6e424d88c69e94b11cfee8a9038eb1c1e7bc275
+  data.tar.gz: 9984feba85757ee07365321359798fe91a87c0f44902c65c81f52bb1885683c0971ea78590eee5db427e952afe72bbc1dceee4eba39478ca90e24e04622bcb97

data/CHANGELOG.md CHANGED Viewed

@@ -7,6 +7,20 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
+## [0.3.1] - 2026-03-31
+### Changed
+- Standardize README badges, support section, and license format
+## [0.3.0] - 2026-03-31
+### Added
+- `parse_cors` and `build_cors` for CORS header handling
+- `security_headers` for generating recommended security headers
+- `parse_forwarded` for RFC 7239 Forwarded header parsing
+- `parse_via` for Via header parsing
 ## [0.2.0] - 2026-03-28
 ### Added

data/README.md CHANGED Viewed

@@ -2,12 +2,7 @@
 [![Tests](https://github.com/philiprehberger/rb-header-kit/actions/workflows/ci.yml/badge.svg)](https://github.com/philiprehberger/rb-header-kit/actions/workflows/ci.yml)
 [![Gem Version](https://badge.fury.io/rb/philiprehberger-header_kit.svg)](https://rubygems.org/gems/philiprehberger-header_kit)
-[![GitHub release](https://img.shields.io/github/v/release/philiprehberger/rb-header-kit)](https://github.com/philiprehberger/rb-header-kit/releases)
 [![Last updated](https://img.shields.io/github/last-commit/philiprehberger/rb-header-kit)](https://github.com/philiprehberger/rb-header-kit/commits/main)
-[![License](https://img.shields.io/github/license/philiprehberger/rb-header-kit)](LICENSE)
-[![Bug Reports](https://img.shields.io/github/issues/philiprehberger/rb-header-kit/bug)](https://github.com/philiprehberger/rb-header-kit/issues?q=is%3Aissue+is%3Aopen+label%3Abug)
-[![Feature Requests](https://img.shields.io/github/issues/philiprehberger/rb-header-kit/enhancement)](https://github.com/philiprehberger/rb-header-kit/issues?q=is%3Aissue+is%3Aopen+label%3Aenhancement)
-[![Sponsor](https://img.shields.io/badge/sponsor-GitHub%20Sponsors-ec6cb9)](https://github.com/sponsors/philiprehberger)
 HTTP header parsing, construction, and content negotiation
@@ -137,6 +132,55 @@ Philiprehberger::HeaderKit.negotiate("text/html;q=0.9, application/json", ["text
 # => "application/json"
 ```
+### Parse CORS
+```ruby
+headers = {
+  'Origin' => 'https://example.com',
+  'Access-Control-Request-Method' => 'POST',
+  'Access-Control-Request-Headers' => 'Content-Type, Authorization'
+}
+Philiprehberger::HeaderKit.parse_cors(headers)
+# => {origin: "https://example.com", method: "POST", headers: ["Content-Type", "Authorization"]}
+```
+### Build CORS
+```ruby
+Philiprehberger::HeaderKit.build_cors(
+  origin: "https://example.com",
+  methods: ["GET", "POST"],
+  headers: ["Content-Type"],
+  max_age: 3600,
+  credentials: true
+)
+# => {"Access-Control-Allow-Origin" => "https://example.com", ...}
+```
+### Security Headers
+```ruby
+Philiprehberger::HeaderKit.security_headers
+# => {"X-Content-Type-Options" => "nosniff", "X-Frame-Options" => "DENY", ...}
+Philiprehberger::HeaderKit.security_headers(hsts: "max-age=31536000", csp: "default-src 'self'")
+# => includes Strict-Transport-Security and Content-Security-Policy
+```
+### Parse Forwarded
+```ruby
+Philiprehberger::HeaderKit.parse_forwarded('for=192.0.2.60;proto=http;by=203.0.113.43')
+# => [{for: "192.0.2.60", proto: "http", by: "203.0.113.43"}]
+```
+### Parse Via
+```ruby
+Philiprehberger::HeaderKit.parse_via('1.1 vegur, 1.0 fred')
+# => [{protocol: "1.1", host: "vegur"}, {protocol: "1.0", host: "fred"}]
+```
 ## API
 | Method | Description |
@@ -155,6 +199,11 @@ Philiprehberger::HeaderKit.negotiate("text/html;q=0.9, application/json", ["text
 | `HeaderKit.parse_link(header)` | Parse Link header into entry array |
 | `HeaderKit.build_link(links)` | Build Link header from array of hashes |
 | `HeaderKit.negotiate(accept_header, available)` | Content negotiation, returns best match or nil |
+| `HeaderKit.parse_cors(headers)` | Parse CORS-related request headers |
+| `HeaderKit.build_cors(**options)` | Build CORS response headers |
+| `HeaderKit.security_headers(**options)` | Generate recommended security headers |
+| `HeaderKit.parse_forwarded(header)` | Parse RFC 7239 Forwarded header |
+| `HeaderKit.parse_via(header)` | Parse Via header into structured entries |
 ## Development
@@ -166,10 +215,21 @@ bundle exec rubocop
 ## Support
-If you find this package useful, consider giving it a star on GitHub — it helps motivate continued maintenance and development.
+If you find this project useful:
+⭐ [Star the repo](https://github.com/philiprehberger/rb-header-kit)
+🐛 [Report issues](https://github.com/philiprehberger/rb-header-kit/issues?q=is%3Aissue+is%3Aopen+label%3Abug)
+💡 [Suggest features](https://github.com/philiprehberger/rb-header-kit/issues?q=is%3Aissue+is%3Aopen+label%3Aenhancement)
+❤️ [Sponsor development](https://github.com/sponsors/philiprehberger)
+🌐 [All Open Source Projects](https://philiprehberger.com/open-source-packages)
+💻 [GitHub Profile](https://github.com/philiprehberger)
-[![LinkedIn](https://img.shields.io/badge/Philip%20Rehberger-LinkedIn-0A66C2?logo=linkedin)](https://www.linkedin.com/in/philiprehberger)
-[![More packages](https://img.shields.io/badge/more-open%20source%20packages-blue)](https://philiprehberger.com/open-source-packages)
+🔗 [LinkedIn Profile](https://www.linkedin.com/in/philiprehberger)
 ## License

data/lib/philiprehberger/header_kit/cors.rb ADDED Viewed

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+module Philiprehberger
+  module HeaderKit
+    module Cors
+      module_function
+      def parse(headers)
+        result = {}
+        result[:origin] = headers['Origin'] || headers['origin']
+        result[:method] = headers['Access-Control-Request-Method'] || headers['access-control-request-method']
+        request_headers = headers['Access-Control-Request-Headers'] || headers['access-control-request-headers']
+        result[:headers] = request_headers&.split(',')&.map(&:strip) || []
+        result
+      end
+      def build(origin:, methods: ['GET'], headers: [], max_age: nil, credentials: false, expose: [])
+        result = {}
+        result['Access-Control-Allow-Origin'] = origin
+        result['Access-Control-Allow-Methods'] = Array(methods).join(', ')
+        result['Access-Control-Allow-Headers'] = Array(headers).join(', ') unless headers.empty?
+        result['Access-Control-Max-Age'] = max_age.to_s if max_age
+        result['Access-Control-Allow-Credentials'] = 'true' if credentials
+        result['Access-Control-Expose-Headers'] = Array(expose).join(', ') unless expose.empty?
+        result
+      end
+    end
+  end
+end

data/lib/philiprehberger/header_kit/forwarded.rb ADDED Viewed

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+module Philiprehberger
+  module HeaderKit
+    module Forwarded
+      module_function
+      def parse(header)
+        return [] if header.nil? || header.empty?
+        header.split(',').map do |part|
+          entry = {}
+          part.strip.split(';').each do |pair|
+            key, value = pair.strip.split('=', 2)
+            next unless key && value
+            entry[key.strip.downcase.to_sym] = unquote(value.strip)
+          end
+          entry
+        end
+      end
+      def parse_via(header)
+        return [] if header.nil? || header.empty?
+        header.split(',').map do |entry|
+          parts = entry.strip.split(/\s+/, 3)
+          result = {}
+          if parts.length >= 2
+            result[:protocol] = parts[0]
+            result[:host] = parts[1]
+            result[:comment] = parts[2] if parts[2]
+          else
+            result[:host] = parts[0]
+          end
+          result
+        end
+      end
+      def unquote(value)
+        value.start_with?('"') && value.end_with?('"') ? value[1..-2] : value
+      end
+      private_class_method :unquote
+    end
+  end
+end

data/lib/philiprehberger/header_kit/security.rb ADDED Viewed

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+module Philiprehberger
+  module HeaderKit
+    module Security
+      DEFAULTS = {
+        content_type_options: 'nosniff',
+        frame_options: 'DENY',
+        xss_protection: '0',
+        referrer_policy: 'strict-origin-when-cross-origin'
+      }.freeze
+      module_function
+      def headers(hsts: nil, csp: nil, frame: nil, content_type_options: nil, referrer_policy: nil)
+        result = {}
+        result['X-Content-Type-Options'] = content_type_options || DEFAULTS[:content_type_options]
+        result['X-Frame-Options'] = frame || DEFAULTS[:frame_options]
+        result['X-XSS-Protection'] = DEFAULTS[:xss_protection]
+        result['Referrer-Policy'] = referrer_policy || DEFAULTS[:referrer_policy]
+        result['Strict-Transport-Security'] = hsts if hsts
+        result['Content-Security-Policy'] = csp if csp
+        result
+      end
+    end
+  end
+end

data/lib/philiprehberger/header_kit/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module Philiprehberger
   module HeaderKit
-    VERSION = '0.2.0'
+    VERSION = '0.3.1'
   end
 end

data/lib/philiprehberger/header_kit.rb CHANGED Viewed

@@ -11,6 +11,9 @@ require_relative 'header_kit/content_type'
 require_relative 'header_kit/cookie'
 require_relative 'header_kit/link'
 require_relative 'header_kit/negotiation'
+require_relative 'header_kit/cors'
+require_relative 'header_kit/security'
+require_relative 'header_kit/forwarded'
 module Philiprehberger
   module HeaderKit
@@ -131,5 +134,45 @@ module Philiprehberger
     def self.negotiate(accept_header, available)
       Negotiation.negotiate(accept_header, available)
     end
+    # Parse CORS-related headers from a request.
+    #
+    # @param headers [Hash] request headers hash
+    # @return [Hash] with :origin, :method, :headers keys
+    def self.parse_cors(headers)
+      Cors.parse(headers)
+    end
+    # Build CORS response headers.
+    #
+    # @param options [Hash] CORS options (origin:, methods:, headers:, max_age:, credentials:, expose:)
+    # @return [Hash{String => String}] response headers
+    def self.build_cors(**options)
+      Cors.build(**options)
+    end
+    # Generate recommended security response headers.
+    #
+    # @param options [Hash] overrides (hsts:, csp:, frame:, content_type_options:, referrer_policy:)
+    # @return [Hash{String => String}] security headers
+    def self.security_headers(**options)
+      Security.headers(**options)
+    end
+    # Parse an RFC 7239 Forwarded header.
+    #
+    # @param header [String] the Forwarded header value
+    # @return [Array<Hash>] parsed entries with symbol keys
+    def self.parse_forwarded(header)
+      Forwarded.parse(header)
+    end
+    # Parse a Via header into structured entries.
+    #
+    # @param header [String] the Via header value
+    # @return [Array<Hash>] entries with :protocol, :host, :comment keys
+    def self.parse_via(header)
+      Forwarded.parse_via(header)
+    end
   end
 end

metadata CHANGED Viewed

@@ -1,18 +1,18 @@
 --- !ruby/object:Gem::Specification
 name: philiprehberger-header_kit
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.1
 platform: ruby
 authors:
 - Philip Rehberger
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2026-03-29 00:00:00.000000000 Z
+date: 2026-03-31 00:00:00.000000000 Z
 dependencies: []
 description: Parse and build Accept, Accept-Language, Accept-Encoding, Authorization,
-  Cache-Control, Content-Type, Cookie, and Link HTTP headers. Includes content negotiation
-  for selecting the best response type or language.
+  Cache-Control, Content-Type, Cookie, Link, CORS, Forwarded, and Via HTTP headers.
+  Includes content negotiation and security header generation.
 email:
 - me@philiprehberger.com
 executables: []
@@ -31,14 +31,17 @@ files:
 - lib/philiprehberger/header_kit/cache_control.rb
 - lib/philiprehberger/header_kit/content_type.rb
 - lib/philiprehberger/header_kit/cookie.rb
+- lib/philiprehberger/header_kit/cors.rb
+- lib/philiprehberger/header_kit/forwarded.rb
 - lib/philiprehberger/header_kit/link.rb
 - lib/philiprehberger/header_kit/negotiation.rb
+- lib/philiprehberger/header_kit/security.rb
 - lib/philiprehberger/header_kit/version.rb
-homepage: https://github.com/philiprehberger/rb-header-kit
+homepage: https://philiprehberger.com/open-source-packages/ruby/philiprehberger-header_kit
 licenses:
 - MIT
 metadata:
-  homepage_uri: https://github.com/philiprehberger/rb-header-kit
+  homepage_uri: https://philiprehberger.com/open-source-packages/ruby/philiprehberger-header_kit
   source_code_uri: https://github.com/philiprehberger/rb-header-kit
   changelog_uri: https://github.com/philiprehberger/rb-header-kit/blob/main/CHANGELOG.md
   bug_tracker_uri: https://github.com/philiprehberger/rb-header-kit/issues