RubyGems - rack-protection - Versions diffs - 1.0.0 → 1.5.5 - Mend

rack-protection 1.0.0 → 1.5.5

Files changed (29) hide show

checksums.yaml +7 -0
data/README.md +9 -13
data/Rakefile +15 -4
data/lib/rack/protection/authenticity_token.rb +10 -3
data/lib/rack/protection/base.rb +52 -4
data/lib/rack/protection/escaped_params.rb +34 -8
data/lib/rack/protection/frame_options.rb +14 -3
data/lib/rack/protection/http_origin.rb +32 -0
data/lib/rack/protection/ip_spoofing.rb +1 -1
data/lib/rack/protection/json_csrf.rb +14 -4
data/lib/rack/protection/path_traversal.rb +26 -5
data/lib/rack/protection/remote_referrer.rb +0 -3
data/lib/rack/protection/session_hijacking.rb +5 -5
data/lib/rack/protection/version.rb +6 -34
data/lib/rack/protection/xss_header.rb +4 -6
data/lib/rack/protection.rb +13 -8
data/rack-protection.gemspec +57 -4
data/spec/authenticity_token_spec.rb +15 -0
data/spec/base_spec.rb +40 -0
data/spec/escaped_params_spec.rb +9 -0
data/spec/frame_options_spec.rb +19 -4
data/spec/http_origin_spec.rb +38 -0
data/spec/json_csrf_spec.rb +26 -0
data/spec/path_traversal_spec.rb +20 -2
data/spec/protection_spec.rb +100 -0
data/spec/session_hijacking_spec.rb +19 -4
data/spec/spec_helper.rb +7 -1
data/spec/xss_header_spec.rb +35 -3
metadata +82 -32

metadata CHANGED Viewed

@@ -1,67 +1,114 @@
 --- !ruby/object:Gem::Specification
 name: rack-protection
 version: !ruby/object:Gem::Version
-  version: 1.0.0
-  prerelease:
+  version: 1.5.5
 platform: ruby
 authors:
 - Konstantin Haase
-- Corey Ward
+- Alex Rodionov
+- Patrick Ellis
+- Jason Staten
+- ITO Nobuaki
+- Jeff Welling
+- Matteo Centenaro
+- Egor Homakov
+- Florian Gilcher
 - Fojas
+- Igor Bochkariov
+- Mael Clerambault
+- Martin Mauch
+- Renne Nissinen
+- SAKAI, Kazuaki
+- Stanislav Savulchik
+- Steve Agalloco
+- TOBY
+- Thais Camilo and Konstantin Haase
+- Vipul A M
+- Akzhan Abdulin
+- brookemckim
+- Bjørge Næss
+- Chris Heald
+- Chris Mytton
+- Corey Ward
+- Dario Cravero
+- David Kellum
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-09-02 00:00:00.000000000Z
+date: 2018-03-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
-  requirement: &2151828860 !ruby/object:Gem::Requirement
-    none: false
+  requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *2151828860
-- !ruby/object:Gem::Dependency
-  name: escape_utils
-  requirement: &2151828040 !ruby/object:Gem::Requirement
-    none: false
+  version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: *2151828040
 - !ruby/object:Gem::Dependency
   name: rack-test
-  requirement: &2151827300 !ruby/object:Gem::Requirement
-    none: false
+  requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2151827300
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
-  requirement: &2151826180 !ruby/object:Gem::Requirement
-    none: false
+  requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '2.0'
   type: :development
   prerelease: false
-  version_requirements: *2151826180
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
 description: You should use protection!
 email:
 - konstantin.mailinglists@googlemail.com
-- coreyward@me.com
+- p0deje@gmail.com
+- jstaten07@gmail.com
+- patrick@soundcloud.com
+- jeff.welling@gmail.com
+- bugant@gmail.com
+- daydream.trippers@gmail.com
+- florian.gilcher@asquera.de
 - developer@fojasaur.us
+- ujifgc@gmail.com
+- mael@clerambault.fr
+- martin.mauch@gmail.com
+- rennex@iki.fi
+- kaz.july.7@gmail.com
+- s.savulchik@gmail.com
+- steve.agalloco@gmail.com
+- toby.net.info.mail+git@gmail.com
+- dev+narwen+rkh@rkh.im
+- vipulnsward@gmail.com
+- akzhan.abdulin@gmail.com
+- brooke@digitalocean.com
+- bjoerge@bengler.no
+- cheald@gmail.com
+- self@hecticjeff.net
+- coreyward@me.com
+- dario@uxtemple.com
+- dek-oss@gravitext.com
+- homakov@gmail.com
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -76,6 +123,7 @@ files:
 - lib/rack/protection/escaped_params.rb
 - lib/rack/protection/form_token.rb
 - lib/rack/protection/frame_options.rb
+- lib/rack/protection/http_origin.rb
 - lib/rack/protection/ip_spoofing.rb
 - lib/rack/protection/json_csrf.rb
 - lib/rack/protection/path_traversal.rb
@@ -86,9 +134,11 @@ files:
 - lib/rack/protection/xss_header.rb
 - rack-protection.gemspec
 - spec/authenticity_token_spec.rb
+- spec/base_spec.rb
 - spec/escaped_params_spec.rb
 - spec/form_token_spec.rb
 - spec/frame_options_spec.rb
+- spec/http_origin_spec.rb
 - spec/ip_spoofing_spec.rb
 - spec/json_csrf_spec.rb
 - spec/path_traversal_spec.rb
@@ -99,27 +149,27 @@ files:
 - spec/spec_helper.rb
 - spec/xss_header_spec.rb
 homepage: http://github.com/rkh/rack-protection
-licenses: []
+licenses:
+- MIT
+metadata: {}
 post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 1.8.6
+rubygems_version: 2.7.3
 signing_key:
-specification_version: 3
+specification_version: 4
 summary: You should use protection!
 test_files: []