rack-response-signature 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/lib/rack/response_signature.rb +5 -5
- metadata +9 -4
|
@@ -10,7 +10,7 @@ module Rack
|
|
|
10
10
|
# clients may then validate the response against a known-good public key
|
|
11
11
|
# to verify server authenticity against a man-in-the-middle attack.
|
|
12
12
|
#
|
|
13
|
-
# The signature, if generated, is placed in a "Response-Signature" HTTP
|
|
13
|
+
# The signature, if generated, is placed in a "X-Response-Signature" HTTP
|
|
14
14
|
# header. Currently, signatures are only generated for HTTP SUCCESS (200)
|
|
15
15
|
# responses.
|
|
16
16
|
#
|
|
@@ -56,7 +56,7 @@ module Rack
|
|
|
56
56
|
# Transfer-Encoding: chunked
|
|
57
57
|
# Connection: keep-alive
|
|
58
58
|
# ETag: "54a2096d2c361907b3f9cc7ec9a2231d"
|
|
59
|
-
# Response-Signature: JywymlJfA90Q4x52LKt4J8Tb8p4rXI%2BptKDNm3NC7F495...
|
|
59
|
+
# X-Response-Signature: JywymlJfA90Q4x52LKt4J8Tb8p4rXI%2BptKDNm3NC7F495...
|
|
60
60
|
# Cache-Control: private, max-age=0, must-revalidate
|
|
61
61
|
#
|
|
62
62
|
# === Client Verification
|
|
@@ -76,7 +76,7 @@ module Rack
|
|
|
76
76
|
#
|
|
77
77
|
# puts "Response valid? %s" % [OpenSSL::PKey::RSA.new(PublicKey).
|
|
78
78
|
# verify(OpenSSL::Digest::SHA256.new,
|
|
79
|
-
# Base64.decode64(CGI.unescape(response['Response-Signature'])),
|
|
79
|
+
# Base64.decode64(CGI.unescape(response['X-Response-Signature'])),
|
|
80
80
|
# response.body.strip)]
|
|
81
81
|
#
|
|
82
82
|
# === Options
|
|
@@ -89,7 +89,7 @@ module Rack
|
|
|
89
89
|
#
|
|
90
90
|
class ResponseSignature
|
|
91
91
|
|
|
92
|
-
VERSION = '0.
|
|
92
|
+
VERSION = '0.2.0'
|
|
93
93
|
|
|
94
94
|
def initialize(app, private_key, options = {})
|
|
95
95
|
options[:digest] ||= OpenSSL::Digest::SHA256
|
|
@@ -117,7 +117,7 @@ module Rack
|
|
|
117
117
|
end
|
|
118
118
|
|
|
119
119
|
def add_signature(headers, body)
|
|
120
|
-
headers['Response-Signature'] = CGI.escape(Base64.encode64(sign(body)))
|
|
120
|
+
headers['X-Response-Signature'] = CGI.escape(Base64.encode64(sign(body)))
|
|
121
121
|
headers
|
|
122
122
|
end
|
|
123
123
|
|
metadata
CHANGED
|
@@ -1,12 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-response-signature
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
+
hash: 23
|
|
4
5
|
prerelease: false
|
|
5
6
|
segments:
|
|
6
7
|
- 0
|
|
7
|
-
-
|
|
8
|
+
- 2
|
|
8
9
|
- 0
|
|
9
|
-
version: 0.
|
|
10
|
+
version: 0.2.0
|
|
10
11
|
platform: ruby
|
|
11
12
|
authors:
|
|
12
13
|
- Nathaniel Bibler
|
|
@@ -14,7 +15,7 @@ autorequire:
|
|
|
14
15
|
bindir: bin
|
|
15
16
|
cert_chain: []
|
|
16
17
|
|
|
17
|
-
date: 2010-
|
|
18
|
+
date: 2010-12-08 00:00:00 -05:00
|
|
18
19
|
default_executable:
|
|
19
20
|
dependencies: []
|
|
20
21
|
|
|
@@ -39,23 +40,27 @@ rdoc_options: []
|
|
|
39
40
|
require_paths:
|
|
40
41
|
- lib
|
|
41
42
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
43
|
+
none: false
|
|
42
44
|
requirements:
|
|
43
45
|
- - ">="
|
|
44
46
|
- !ruby/object:Gem::Version
|
|
47
|
+
hash: 3
|
|
45
48
|
segments:
|
|
46
49
|
- 0
|
|
47
50
|
version: "0"
|
|
48
51
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
52
|
+
none: false
|
|
49
53
|
requirements:
|
|
50
54
|
- - ">="
|
|
51
55
|
- !ruby/object:Gem::Version
|
|
56
|
+
hash: 3
|
|
52
57
|
segments:
|
|
53
58
|
- 0
|
|
54
59
|
version: "0"
|
|
55
60
|
requirements: []
|
|
56
61
|
|
|
57
62
|
rubyforge_project:
|
|
58
|
-
rubygems_version: 1.3.
|
|
63
|
+
rubygems_version: 1.3.7
|
|
59
64
|
signing_key:
|
|
60
65
|
specification_version: 3
|
|
61
66
|
summary: Rack middleware to add transparent response signing
|