rack-response-signature 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. data/lib/rack/response_signature.rb +5 -5
  2. metadata +9 -4
@@ -10,7 +10,7 @@ module Rack
10
10
  # clients may then validate the response against a known-good public key
11
11
  # to verify server authenticity against a man-in-the-middle attack.
12
12
  #
13
- # The signature, if generated, is placed in a "Response-Signature" HTTP
13
+ # The signature, if generated, is placed in a "X-Response-Signature" HTTP
14
14
  # header. Currently, signatures are only generated for HTTP SUCCESS (200)
15
15
  # responses.
16
16
  #
@@ -56,7 +56,7 @@ module Rack
56
56
  # Transfer-Encoding: chunked
57
57
  # Connection: keep-alive
58
58
  # ETag: "54a2096d2c361907b3f9cc7ec9a2231d"
59
- # Response-Signature: JywymlJfA90Q4x52LKt4J8Tb8p4rXI%2BptKDNm3NC7F495...
59
+ # X-Response-Signature: JywymlJfA90Q4x52LKt4J8Tb8p4rXI%2BptKDNm3NC7F495...
60
60
  # Cache-Control: private, max-age=0, must-revalidate
61
61
  #
62
62
  # === Client Verification
@@ -76,7 +76,7 @@ module Rack
76
76
  #
77
77
  # puts "Response valid? %s" % [OpenSSL::PKey::RSA.new(PublicKey).
78
78
  # verify(OpenSSL::Digest::SHA256.new,
79
- # Base64.decode64(CGI.unescape(response['Response-Signature'])),
79
+ # Base64.decode64(CGI.unescape(response['X-Response-Signature'])),
80
80
  # response.body.strip)]
81
81
  #
82
82
  # === Options
@@ -89,7 +89,7 @@ module Rack
89
89
  #
90
90
  class ResponseSignature
91
91
 
92
- VERSION = '0.1.0'
92
+ VERSION = '0.2.0'
93
93
 
94
94
  def initialize(app, private_key, options = {})
95
95
  options[:digest] ||= OpenSSL::Digest::SHA256
@@ -117,7 +117,7 @@ module Rack
117
117
  end
118
118
 
119
119
  def add_signature(headers, body)
120
- headers['Response-Signature'] = CGI.escape(Base64.encode64(sign(body)))
120
+ headers['X-Response-Signature'] = CGI.escape(Base64.encode64(sign(body)))
121
121
  headers
122
122
  end
123
123
 
metadata CHANGED
@@ -1,12 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-response-signature
3
3
  version: !ruby/object:Gem::Version
4
+ hash: 23
4
5
  prerelease: false
5
6
  segments:
6
7
  - 0
7
- - 1
8
+ - 2
8
9
  - 0
9
- version: 0.1.0
10
+ version: 0.2.0
10
11
  platform: ruby
11
12
  authors:
12
13
  - Nathaniel Bibler
@@ -14,7 +15,7 @@ autorequire:
14
15
  bindir: bin
15
16
  cert_chain: []
16
17
 
17
- date: 2010-04-15 00:00:00 -04:00
18
+ date: 2010-12-08 00:00:00 -05:00
18
19
  default_executable:
19
20
  dependencies: []
20
21
 
@@ -39,23 +40,27 @@ rdoc_options: []
39
40
  require_paths:
40
41
  - lib
41
42
  required_ruby_version: !ruby/object:Gem::Requirement
43
+ none: false
42
44
  requirements:
43
45
  - - ">="
44
46
  - !ruby/object:Gem::Version
47
+ hash: 3
45
48
  segments:
46
49
  - 0
47
50
  version: "0"
48
51
  required_rubygems_version: !ruby/object:Gem::Requirement
52
+ none: false
49
53
  requirements:
50
54
  - - ">="
51
55
  - !ruby/object:Gem::Version
56
+ hash: 3
52
57
  segments:
53
58
  - 0
54
59
  version: "0"
55
60
  requirements: []
56
61
 
57
62
  rubyforge_project:
58
- rubygems_version: 1.3.6
63
+ rubygems_version: 1.3.7
59
64
  signing_key:
60
65
  specification_version: 3
61
66
  summary: Rack middleware to add transparent response signing