rack-protection 2.1.0 → 3.2.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'rack/protection/version'
2
4
  require 'rack'
3
5
 
@@ -7,6 +9,8 @@ module Rack
7
9
  autoload :Base, 'rack/protection/base'
8
10
  autoload :CookieTossing, 'rack/protection/cookie_tossing'
9
11
  autoload :ContentSecurityPolicy, 'rack/protection/content_security_policy'
12
+ autoload :Encryptor, 'rack/protection/encryptor'
13
+ autoload :EncryptedCookie, 'rack/protection/encrypted_cookie'
10
14
  autoload :EscapedParams, 'rack/protection/escaped_params'
11
15
  autoload :FormToken, 'rack/protection/form_token'
12
16
  autoload :FrameOptions, 'rack/protection/frame_options'
@@ -27,7 +31,7 @@ module Rack
27
31
  use_these = Array options[:use]
28
32
 
29
33
  if options.fetch(:without_session, false)
30
- except += [:session_hijacking, :remote_token]
34
+ except += %i[session_hijacking remote_token]
31
35
  end
32
36
 
33
37
  Rack::Builder.new do
@@ -1 +1 @@
1
- require "rack/protection"
1
+ require 'rack/protection'
@@ -0,0 +1,3 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'rack/protection'
@@ -1,40 +1,44 @@
1
- version = File.read(File.expand_path("../../VERSION", __FILE__)).strip
1
+ # frozen_string_literal: true
2
+
3
+ version = File.read(File.expand_path('../VERSION', __dir__)).strip
2
4
 
3
5
  Gem::Specification.new do |s|
4
6
  # general infos
5
- s.name = "rack-protection"
7
+ s.name = 'rack-protection'
6
8
  s.version = version
7
- s.description = "Protect against typical web attacks, works with all Rack apps, including Rails."
8
- s.homepage = "http://sinatrarb.com/protection/"
9
- s.summary = s.description
9
+ s.description = 'Protect against typical web attacks, works with all Rack apps, including Rails'
10
+ s.homepage = 'https://sinatrarb.com/protection/'
11
+ s.summary = "#{s.description}."
10
12
  s.license = 'MIT'
11
- s.authors = ["https://github.com/sinatra/sinatra/graphs/contributors"]
12
- s.email = "sinatrarb@googlegroups.com"
13
- s.files = Dir["lib/**/*.rb"] + [
14
- "License",
15
- "README.md",
16
- "Rakefile",
17
- "Gemfile",
18
- "rack-protection.gemspec"
13
+ s.authors = ['https://github.com/sinatra/sinatra/graphs/contributors']
14
+ s.email = 'sinatrarb@googlegroups.com'
15
+ s.files = Dir['lib/**/*.rb'] + [
16
+ 'License',
17
+ 'README.md',
18
+ 'Rakefile',
19
+ 'Gemfile',
20
+ 'rack-protection.gemspec'
19
21
  ]
20
22
 
21
- if s.respond_to?(:metadata)
22
- s.metadata = {
23
- 'source_code_uri' => 'https://github.com/sinatra/sinatra/tree/master/rack-protection',
24
- 'homepage_uri' => 'http://sinatrarb.com/protection/',
25
- 'documentation_uri' => 'https://www.rubydoc.info/gems/rack-protection'
26
- }
27
- else
28
- raise <<-EOF
23
+ unless s.respond_to?(:metadata)
24
+ raise <<-WARN
29
25
  RubyGems 2.0 or newer is required to protect against public gem pushes. You can update your rubygems version by running:
30
26
  gem install rubygems-update
31
27
  update_rubygems:
32
28
  gem update --system
33
- EOF
29
+ WARN
34
30
  end
35
31
 
32
+ s.metadata = {
33
+ 'source_code_uri' => 'https://github.com/sinatra/sinatra/tree/main/rack-protection',
34
+ 'homepage_uri' => 'http://sinatrarb.com/protection/',
35
+ 'documentation_uri' => 'https://www.rubydoc.info/gems/rack-protection',
36
+ 'rubygems_mfa_required' => 'true'
37
+ }
38
+
39
+ s.required_ruby_version = '>= 2.6.0'
40
+
36
41
  # dependencies
37
- s.add_dependency "rack"
38
- s.add_development_dependency "rack-test"
39
- s.add_development_dependency "rspec", "~> 3.6"
42
+ s.add_dependency 'base64', '>= 0.1.0'
43
+ s.add_dependency 'rack', '~> 2.2', '>= 2.2.4'
40
44
  end
metadata CHANGED
@@ -1,59 +1,51 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-protection
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.0
4
+ version: 3.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - https://github.com/sinatra/sinatra/graphs/contributors
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-09-04 00:00:00.000000000 Z
11
+ date: 2023-12-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
- name: rack
14
+ name: base64
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
17
  - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: '0'
19
+ version: 0.1.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - ">="
25
25
  - !ruby/object:Gem::Version
26
- version: '0'
26
+ version: 0.1.0
27
27
  - !ruby/object:Gem::Dependency
28
- name: rack-test
28
+ name: rack
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - ">="
31
+ - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: '0'
34
- type: :development
35
- prerelease: false
36
- version_requirements: !ruby/object:Gem::Requirement
37
- requirements:
33
+ version: '2.2'
38
34
  - - ">="
39
35
  - !ruby/object:Gem::Version
40
- version: '0'
41
- - !ruby/object:Gem::Dependency
42
- name: rspec
43
- requirement: !ruby/object:Gem::Requirement
44
- requirements:
45
- - - "~>"
46
- - !ruby/object:Gem::Version
47
- version: '3.6'
48
- type: :development
36
+ version: 2.2.4
37
+ type: :runtime
49
38
  prerelease: false
50
39
  version_requirements: !ruby/object:Gem::Requirement
51
40
  requirements:
52
41
  - - "~>"
53
42
  - !ruby/object:Gem::Version
54
- version: '3.6'
43
+ version: '2.2'
44
+ - - ">="
45
+ - !ruby/object:Gem::Version
46
+ version: 2.2.4
55
47
  description: Protect against typical web attacks, works with all Rack apps, including
56
- Rails.
48
+ Rails
57
49
  email: sinatrarb@googlegroups.com
58
50
  executables: []
59
51
  extensions: []
@@ -69,6 +61,8 @@ files:
69
61
  - lib/rack/protection/base.rb
70
62
  - lib/rack/protection/content_security_policy.rb
71
63
  - lib/rack/protection/cookie_tossing.rb
64
+ - lib/rack/protection/encrypted_cookie.rb
65
+ - lib/rack/protection/encryptor.rb
72
66
  - lib/rack/protection/escaped_params.rb
73
67
  - lib/rack/protection/form_token.rb
74
68
  - lib/rack/protection/frame_options.rb
@@ -83,14 +77,16 @@ files:
83
77
  - lib/rack/protection/strict_transport.rb
84
78
  - lib/rack/protection/version.rb
85
79
  - lib/rack/protection/xss_header.rb
80
+ - lib/rack_protection.rb
86
81
  - rack-protection.gemspec
87
- homepage: http://sinatrarb.com/protection/
82
+ homepage: https://sinatrarb.com/protection/
88
83
  licenses:
89
84
  - MIT
90
85
  metadata:
91
- source_code_uri: https://github.com/sinatra/sinatra/tree/master/rack-protection
86
+ source_code_uri: https://github.com/sinatra/sinatra/tree/main/rack-protection
92
87
  homepage_uri: http://sinatrarb.com/protection/
93
88
  documentation_uri: https://www.rubydoc.info/gems/rack-protection
89
+ rubygems_mfa_required: 'true'
94
90
  post_install_message:
95
91
  rdoc_options: []
96
92
  require_paths:
@@ -99,14 +95,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
99
95
  requirements:
100
96
  - - ">="
101
97
  - !ruby/object:Gem::Version
102
- version: '0'
98
+ version: 2.6.0
103
99
  required_rubygems_version: !ruby/object:Gem::Requirement
104
100
  requirements:
105
101
  - - ">="
106
102
  - !ruby/object:Gem::Version
107
103
  version: '0'
108
104
  requirements: []
109
- rubygems_version: 3.1.2
105
+ rubygems_version: 3.5.3
110
106
  signing_key:
111
107
  specification_version: 4
112
108
  summary: Protect against typical web attacks, works with all Rack apps, including