rack-cors-csrf_prevention 0.2.0 → 0.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/README.md +3 -3
- data/lib/rack/cors/csrf_prevention/version.rb +1 -1
- data/lib/rack/cors/csrf_prevention.rb +3 -3
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 391b427a869958db6d02bfb9ce4eb9a9b933419474a45f3cf864307ff376645c
|
4
|
+
data.tar.gz: 15481e6053666edbfd884be6107fcfb96fea8cf1d317d831e363cb624f6307ff
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 969463a394cfdb672e665af4c4b7410c9c8519bd3a6459ca2300a6b27fe081304bdd5a6491a672e6fc67d9232eff60d402036ebda7979f9bb2be1c789a3e94b7
|
7
|
+
data.tar.gz: fc4f13efe119e22cf942173c4395541e3d93c09aa7d0ede08f5e166326be01a1b42948060dd3d2d19d10c72d62f9f2535b70e63a4d7d272d1a8f6b2ef9c1e467
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
@@ -43,12 +43,12 @@ Also, you can configure multiple paths via `paths` argument.
|
|
43
43
|
## Development
|
44
44
|
|
45
45
|
After checking out the repo, run `bin/setup` to install dependencies. Then, run
|
46
|
-
`
|
46
|
+
`bin/rake spec` to run the tests. You can also run `bin/console` for an
|
47
47
|
interactive prompt that will allow you to experiment.
|
48
48
|
|
49
|
-
To install this gem onto your local machine, run `
|
49
|
+
To install this gem onto your local machine, run `bin/rake rake install`.
|
50
50
|
To release a new version, update the version number in `version.rb`, and then
|
51
|
-
run `
|
51
|
+
run `bin/rake release`, which will create a git tag for the version,
|
52
52
|
push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
53
53
|
|
54
54
|
## Contributing
|
@@ -10,8 +10,8 @@ module Rack
|
|
10
10
|
include Rack::Cors::CsrfPrevention::Logger
|
11
11
|
|
12
12
|
APOLLO_CUSTOM_PREFLIGHT_HEADERS = %w[
|
13
|
-
|
14
|
-
|
13
|
+
X_APOLLO_OPERATION_NAME
|
14
|
+
APOLLO_REQUIRE_PREFLIGHT
|
15
15
|
].freeze
|
16
16
|
|
17
17
|
NON_PREFLIGHTED_CONTENT_TYPES = %w[
|
@@ -23,7 +23,7 @@ module Rack
|
|
23
23
|
ERROR_MESSAGE = <<~HEREDOC
|
24
24
|
This operation has been blocked as a potential Cross-Site Request Forgery (CSRF).
|
25
25
|
|
26
|
-
Please either specify a "Content-Type" header (with a mime-type that is not one of #{NON_PREFLIGHTED_CONTENT_TYPES.join(', ')}) or provide one of the following headers: #{APOLLO_CUSTOM_PREFLIGHT_HEADERS.join(', ')}.
|
26
|
+
Please either specify a "Content-Type" header (with a mime-type that is not one of #{NON_PREFLIGHTED_CONTENT_TYPES.join(', ')}) or provide one of the following headers: #{APOLLO_CUSTOM_PREFLIGHT_HEADERS.join(', ').tr('_', '-')}.
|
27
27
|
HEREDOC
|
28
28
|
|
29
29
|
def initialize(
|