rack_nonce_middleware 0.0.1 → 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/rack_nonce_middleware.rb +0 -18
  3. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8d43c77cc5ff633d2464001a7effbc53f405c9799be26d22a696ab811b316b03
4
- data.tar.gz: 0d394b9f3fc25144c013f0e1624eeb9a29c70b8157b2dbe239b7b77cf4871516
3
+ metadata.gz: b9faf4985471a636878b178bd70616ff08bf204036eedde7338dcf0cbbb6e19c
4
+ data.tar.gz: 8565335e08678160cce8597f61046cdbd61025a892643be641b67f547b07ac79
5
5
  SHA512:
6
- metadata.gz: 1492e314723b4ec0ff521b4d9a80e0de9a035de7bcc6a31a270e5dcf178975a8ebbf97cb290e3386ef3f65e3349c7bbd437a068c8d0fcf4a9871555ae56c0f25
7
- data.tar.gz: 7a6345a3bbf4572d7817db9efff479dd3a4676bbdb134539514464eae244a81313533689358e2978f0b9fbf82c12737a6309a3c9eb54f591054bfc0d9295af31
6
+ metadata.gz: '02839f7243a87123376fe7327ae419bfedc043068b1902f1508a9b9a99b73c64088fa2b1032fedfb695c361c5a188b48a67ba2ef34ad64531a74f11817c7dbee'
7
+ data.tar.gz: 6be6a29c0308bf55578fc2e58ac2fb28d2bc73ff3c68c12322ed5755ddc2d4d999ee9072ea09cec37f4885ac5ac83e1464583f0f609ffe677ab6aee2f23510bc
data/lib/rack_nonce_middleware.rb CHANGED
@@ -1,20 +1,3 @@
1
- # Description: Rack middleware to add a nonce to the CSP header
2
- # and expose it to the application.
3
-
4
- # Usage:
5
- # In your backend application, add the middleware to the stack:
6
- #
7
- # require 'rack-nonce-middleware'
8
- # use(Rack::Protection, {
9
- # use: %i[content_security_policy],
10
- # script_src: "'self' #{RackNonceMiddleware::NONCE} https://....",
11
- # style_src: "'self' #{RackNonceMiddleware::NONCE} https://....",
12
- # use RackNonceMiddleware # Make sure thus is included after Rack::Protection
13
- #
14
- # In your views, add the nonce to the script and style tags:
15
- # <script nonce="<%= env['csp.nonce'] %>">...</script>
16
- # <style nonce="<%= env['csp.nonce'] %>">...</style>
17
-
18
1
  class RackNonceMiddleware
19
2
  NONCE = 'nonce-NONCE-VALUE'.freeze
20
3
 
@@ -27,7 +10,6 @@ class RackNonceMiddleware
27
10
  env['csp.nonce'] = nonce
28
11
  status, headers, response = @app.call(env)
29
12
 
30
- puts "====> #{headers.keys}"
31
13
  if headers['Content-Security-Policy']
32
14
  headers['Content-Security-Policy'] = headers['Content-Security-Policy'].gsub(NONCE, "nonce-#{nonce}")
33
15
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack_nonce_middleware
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tadas Tamosauskas, Pragmatic Genomics Ltd