rack_nonce_middleware 0.0.1 → 0.0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/rack_nonce_middleware.rb +0 -18
  3. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8d43c77cc5ff633d2464001a7effbc53f405c9799be26d22a696ab811b316b03
4
- data.tar.gz: 0d394b9f3fc25144c013f0e1624eeb9a29c70b8157b2dbe239b7b77cf4871516
3
+ metadata.gz: b9faf4985471a636878b178bd70616ff08bf204036eedde7338dcf0cbbb6e19c
4
+ data.tar.gz: 8565335e08678160cce8597f61046cdbd61025a892643be641b67f547b07ac79
5
5
  SHA512:
6
- metadata.gz: 1492e314723b4ec0ff521b4d9a80e0de9a035de7bcc6a31a270e5dcf178975a8ebbf97cb290e3386ef3f65e3349c7bbd437a068c8d0fcf4a9871555ae56c0f25
7
- data.tar.gz: 7a6345a3bbf4572d7817db9efff479dd3a4676bbdb134539514464eae244a81313533689358e2978f0b9fbf82c12737a6309a3c9eb54f591054bfc0d9295af31
6
+ metadata.gz: '02839f7243a87123376fe7327ae419bfedc043068b1902f1508a9b9a99b73c64088fa2b1032fedfb695c361c5a188b48a67ba2ef34ad64531a74f11817c7dbee'
7
+ data.tar.gz: 6be6a29c0308bf55578fc2e58ac2fb28d2bc73ff3c68c12322ed5755ddc2d4d999ee9072ea09cec37f4885ac5ac83e1464583f0f609ffe677ab6aee2f23510bc
data/lib/rack_nonce_middleware.rb CHANGED
@@ -1,20 +1,3 @@
1
- # Description: Rack middleware to add a nonce to the CSP header
2
- # and expose it to the application.
3
-
4
- # Usage:
5
- # In your backend application, add the middleware to the stack:
6
- #
7
- # require 'rack-nonce-middleware'
8
- # use(Rack::Protection, {
9
- # use: %i[content_security_policy],
10
- # script_src: "'self' #{RackNonceMiddleware::NONCE} https://....",
11
- # style_src: "'self' #{RackNonceMiddleware::NONCE} https://....",
12
- # use RackNonceMiddleware # Make sure thus is included after Rack::Protection
13
- #
14
- # In your views, add the nonce to the script and style tags:
15
- # <script nonce="<%= env['csp.nonce'] %>">...</script>
16
- # <style nonce="<%= env['csp.nonce'] %>">...</style>
17
-
18
1
  class RackNonceMiddleware
19
2
  NONCE = 'nonce-NONCE-VALUE'.freeze
20
3
 
@@ -27,7 +10,6 @@ class RackNonceMiddleware
27
10
  env['csp.nonce'] = nonce
28
11
  status, headers, response = @app.call(env)
29
12
 
30
- puts "====> #{headers.keys}"
31
13
  if headers['Content-Security-Policy']
32
14
  headers['Content-Security-Policy'] = headers['Content-Security-Policy'].gsub(NONCE, "nonce-#{nonce}")
33
15
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack_nonce_middleware
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tadas Tamosauskas, Pragmatic Genomics Ltd