secure_headers 0.1.1 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of secure_headers might be problematic. Click here for more details.
- data/.gitignore +9 -0
- data/.travis.yml +3 -2
- data/Gemfile +4 -0
- data/Guardfile +1 -1
- data/HISTORY.md +14 -0
- data/README.md +2 -2
- data/Rakefile +41 -1
- data/app/controllers/content_security_policy_controller.rb +19 -10
- data/fixtures/rails_3_2_12/.rspec +1 -0
- data/fixtures/rails_3_2_12/Gemfile +14 -0
- data/fixtures/rails_3_2_12/Guardfile +14 -0
- data/fixtures/rails_3_2_12/README.rdoc +261 -0
- data/fixtures/rails_3_2_12/Rakefile +7 -0
- data/fixtures/rails_3_2_12/app/controllers/application_controller.rb +4 -0
- data/fixtures/rails_3_2_12/app/controllers/other_things_controller.rb +5 -0
- data/fixtures/rails_3_2_12/app/controllers/things_controller.rb +6 -0
- data/fixtures/rails_3_2_12/app/models/.gitkeep +0 -0
- data/fixtures/rails_3_2_12/app/models/thing.rb +3 -0
- data/fixtures/rails_3_2_12/app/views/layouts/application.html.erb +14 -0
- data/fixtures/rails_3_2_12/app/views/other_things/index.html.erb +1 -0
- data/fixtures/rails_3_2_12/app/views/things/index.html.erb +21 -0
- data/fixtures/rails_3_2_12/config.ru +4 -0
- data/fixtures/rails_3_2_12/config/application.rb +68 -0
- data/fixtures/rails_3_2_12/config/boot.rb +6 -0
- data/fixtures/rails_3_2_12/config/database.yml +25 -0
- data/fixtures/rails_3_2_12/config/environment.rb +5 -0
- data/fixtures/rails_3_2_12/config/environments/development.rb +37 -0
- data/fixtures/rails_3_2_12/config/environments/production.rb +67 -0
- data/fixtures/rails_3_2_12/config/environments/test.rb +37 -0
- data/fixtures/rails_3_2_12/config/initializers/backtrace_silencers.rb +7 -0
- data/fixtures/rails_3_2_12/config/initializers/inflections.rb +15 -0
- data/fixtures/rails_3_2_12/config/initializers/mime_types.rb +5 -0
- data/fixtures/rails_3_2_12/config/initializers/secret_token.rb +7 -0
- data/fixtures/rails_3_2_12/config/initializers/secure_headers.rb +15 -0
- data/fixtures/rails_3_2_12/config/initializers/session_store.rb +8 -0
- data/fixtures/rails_3_2_12/config/initializers/wrap_parameters.rb +14 -0
- data/fixtures/rails_3_2_12/config/locales/en.yml +5 -0
- data/fixtures/rails_3_2_12/config/routes.rb +61 -0
- data/fixtures/rails_3_2_12/db/schema.rb +16 -0
- data/fixtures/rails_3_2_12/db/seeds.rb +7 -0
- data/fixtures/rails_3_2_12/lib/assets/.gitkeep +0 -0
- data/fixtures/rails_3_2_12/lib/tasks/.gitkeep +0 -0
- data/fixtures/rails_3_2_12/log/.gitkeep +0 -0
- data/fixtures/rails_3_2_12/spec/controllers/other_things_controller_spec.rb +40 -0
- data/fixtures/rails_3_2_12/spec/controllers/things_controller_spec.rb +47 -0
- data/fixtures/rails_3_2_12/spec/spec_helper.rb +19 -0
- data/fixtures/rails_3_2_12/vendor/assets/javascripts/.gitkeep +0 -0
- data/fixtures/rails_3_2_12/vendor/assets/stylesheets/.gitkeep +0 -0
- data/fixtures/rails_3_2_12/vendor/plugins/.gitkeep +0 -0
- data/fixtures/rails_3_2_12_no_init/.rspec +1 -0
- data/fixtures/rails_3_2_12_no_init/Gemfile +14 -0
- data/fixtures/rails_3_2_12_no_init/Guardfile +14 -0
- data/fixtures/rails_3_2_12_no_init/README.rdoc +261 -0
- data/fixtures/rails_3_2_12_no_init/Rakefile +7 -0
- data/fixtures/rails_3_2_12_no_init/app/controllers/application_controller.rb +4 -0
- data/fixtures/rails_3_2_12_no_init/app/controllers/other_things_controller.rb +7 -0
- data/fixtures/rails_3_2_12_no_init/app/controllers/things_controller.rb +5 -0
- data/fixtures/rails_3_2_12_no_init/app/models/.gitkeep +0 -0
- data/fixtures/rails_3_2_12_no_init/app/models/thing.rb +3 -0
- data/fixtures/rails_3_2_12_no_init/app/views/layouts/application.html.erb +14 -0
- data/fixtures/rails_3_2_12_no_init/app/views/other_things/index.html.erb +1 -0
- data/fixtures/rails_3_2_12_no_init/app/views/things/_form.html.erb +17 -0
- data/fixtures/rails_3_2_12_no_init/app/views/things/edit.html.erb +6 -0
- data/fixtures/rails_3_2_12_no_init/app/views/things/index.html.erb +21 -0
- data/fixtures/rails_3_2_12_no_init/app/views/things/new.html.erb +5 -0
- data/fixtures/rails_3_2_12_no_init/app/views/things/show.html.erb +5 -0
- data/fixtures/rails_3_2_12_no_init/config.ru +4 -0
- data/fixtures/rails_3_2_12_no_init/config/application.rb +68 -0
- data/fixtures/rails_3_2_12_no_init/config/boot.rb +6 -0
- data/fixtures/rails_3_2_12_no_init/config/database.yml +25 -0
- data/fixtures/rails_3_2_12_no_init/config/environment.rb +5 -0
- data/fixtures/rails_3_2_12_no_init/config/environments/development.rb +37 -0
- data/fixtures/rails_3_2_12_no_init/config/environments/production.rb +67 -0
- data/fixtures/rails_3_2_12_no_init/config/environments/test.rb +37 -0
- data/fixtures/rails_3_2_12_no_init/config/initializers/backtrace_silencers.rb +7 -0
- data/fixtures/rails_3_2_12_no_init/config/initializers/inflections.rb +15 -0
- data/fixtures/rails_3_2_12_no_init/config/initializers/mime_types.rb +5 -0
- data/fixtures/rails_3_2_12_no_init/config/initializers/secret_token.rb +7 -0
- data/fixtures/rails_3_2_12_no_init/config/initializers/session_store.rb +8 -0
- data/fixtures/rails_3_2_12_no_init/config/initializers/wrap_parameters.rb +14 -0
- data/fixtures/rails_3_2_12_no_init/config/locales/en.yml +5 -0
- data/fixtures/rails_3_2_12_no_init/config/routes.rb +61 -0
- data/fixtures/rails_3_2_12_no_init/db/schema.rb +16 -0
- data/fixtures/rails_3_2_12_no_init/db/seeds.rb +7 -0
- data/fixtures/rails_3_2_12_no_init/lib/assets/.gitkeep +0 -0
- data/fixtures/rails_3_2_12_no_init/lib/tasks/.gitkeep +0 -0
- data/fixtures/rails_3_2_12_no_init/log/.gitkeep +0 -0
- data/fixtures/rails_3_2_12_no_init/spec/controllers/other_things_controller_spec.rb +40 -0
- data/fixtures/rails_3_2_12_no_init/spec/controllers/things_controller_spec.rb +44 -0
- data/fixtures/rails_3_2_12_no_init/spec/spec_helper.rb +20 -0
- data/fixtures/rails_3_2_12_no_init/vendor/assets/javascripts/.gitkeep +0 -0
- data/fixtures/rails_3_2_12_no_init/vendor/assets/stylesheets/.gitkeep +0 -0
- data/fixtures/rails_3_2_12_no_init/vendor/plugins/.gitkeep +0 -0
- data/lib/secure_headers.rb +19 -15
- data/lib/secure_headers/headers/content_security_policy.rb +54 -113
- data/lib/secure_headers/headers/content_security_policy/browser_strategy.rb +70 -0
- data/lib/secure_headers/headers/content_security_policy/firefox_browser_strategy.rb +72 -0
- data/lib/secure_headers/headers/content_security_policy/ie_browser_strategy.rb +6 -0
- data/lib/secure_headers/headers/content_security_policy/webkit_browser_strategy.rb +9 -0
- data/lib/secure_headers/version.rb +1 -1
- data/{secure-headers.gemspec → secure_headers.gemspec} +0 -0
- data/spec/lib/secure_headers/headers/content_security_policy_spec.rb +72 -84
- data/travis.sh +10 -0
- metadata +93 -3
data/travis.sh
ADDED
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
#! /bin/sh
|
|
2
|
+
|
|
3
|
+
bundle install >> /dev/null &&
|
|
4
|
+
bundle exec rspec --format progress spec &&
|
|
5
|
+
cd fixtures/rails_3_2_12 &&
|
|
6
|
+
bundle install >> /dev/null &&
|
|
7
|
+
bundle exec rspec --format progress spec &&
|
|
8
|
+
cd ../../fixtures/rails_3_2_12_no_init &&
|
|
9
|
+
bundle install >> /dev/null &&
|
|
10
|
+
bundle exec rspec spec
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: secure_headers
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2013-02-
|
|
12
|
+
date: 2013-02-20 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: brwsr
|
|
@@ -62,15 +62,104 @@ files:
|
|
|
62
62
|
- app/controllers/content_security_policy_controller.rb
|
|
63
63
|
- config/curl-ca-bundle.crt
|
|
64
64
|
- config/routes.rb
|
|
65
|
+
- fixtures/rails_3_2_12/.rspec
|
|
66
|
+
- fixtures/rails_3_2_12/Gemfile
|
|
67
|
+
- fixtures/rails_3_2_12/Guardfile
|
|
68
|
+
- fixtures/rails_3_2_12/README.rdoc
|
|
69
|
+
- fixtures/rails_3_2_12/Rakefile
|
|
70
|
+
- fixtures/rails_3_2_12/app/controllers/application_controller.rb
|
|
71
|
+
- fixtures/rails_3_2_12/app/controllers/other_things_controller.rb
|
|
72
|
+
- fixtures/rails_3_2_12/app/controllers/things_controller.rb
|
|
73
|
+
- fixtures/rails_3_2_12/app/models/.gitkeep
|
|
74
|
+
- fixtures/rails_3_2_12/app/models/thing.rb
|
|
75
|
+
- fixtures/rails_3_2_12/app/views/layouts/application.html.erb
|
|
76
|
+
- fixtures/rails_3_2_12/app/views/other_things/index.html.erb
|
|
77
|
+
- fixtures/rails_3_2_12/app/views/things/index.html.erb
|
|
78
|
+
- fixtures/rails_3_2_12/config.ru
|
|
79
|
+
- fixtures/rails_3_2_12/config/application.rb
|
|
80
|
+
- fixtures/rails_3_2_12/config/boot.rb
|
|
81
|
+
- fixtures/rails_3_2_12/config/database.yml
|
|
82
|
+
- fixtures/rails_3_2_12/config/environment.rb
|
|
83
|
+
- fixtures/rails_3_2_12/config/environments/development.rb
|
|
84
|
+
- fixtures/rails_3_2_12/config/environments/production.rb
|
|
85
|
+
- fixtures/rails_3_2_12/config/environments/test.rb
|
|
86
|
+
- fixtures/rails_3_2_12/config/initializers/backtrace_silencers.rb
|
|
87
|
+
- fixtures/rails_3_2_12/config/initializers/inflections.rb
|
|
88
|
+
- fixtures/rails_3_2_12/config/initializers/mime_types.rb
|
|
89
|
+
- fixtures/rails_3_2_12/config/initializers/secret_token.rb
|
|
90
|
+
- fixtures/rails_3_2_12/config/initializers/secure_headers.rb
|
|
91
|
+
- fixtures/rails_3_2_12/config/initializers/session_store.rb
|
|
92
|
+
- fixtures/rails_3_2_12/config/initializers/wrap_parameters.rb
|
|
93
|
+
- fixtures/rails_3_2_12/config/locales/en.yml
|
|
94
|
+
- fixtures/rails_3_2_12/config/routes.rb
|
|
95
|
+
- fixtures/rails_3_2_12/db/schema.rb
|
|
96
|
+
- fixtures/rails_3_2_12/db/seeds.rb
|
|
97
|
+
- fixtures/rails_3_2_12/lib/assets/.gitkeep
|
|
98
|
+
- fixtures/rails_3_2_12/lib/tasks/.gitkeep
|
|
99
|
+
- fixtures/rails_3_2_12/log/.gitkeep
|
|
100
|
+
- fixtures/rails_3_2_12/spec/controllers/other_things_controller_spec.rb
|
|
101
|
+
- fixtures/rails_3_2_12/spec/controllers/things_controller_spec.rb
|
|
102
|
+
- fixtures/rails_3_2_12/spec/spec_helper.rb
|
|
103
|
+
- fixtures/rails_3_2_12/vendor/assets/javascripts/.gitkeep
|
|
104
|
+
- fixtures/rails_3_2_12/vendor/assets/stylesheets/.gitkeep
|
|
105
|
+
- fixtures/rails_3_2_12/vendor/plugins/.gitkeep
|
|
106
|
+
- fixtures/rails_3_2_12_no_init/.rspec
|
|
107
|
+
- fixtures/rails_3_2_12_no_init/Gemfile
|
|
108
|
+
- fixtures/rails_3_2_12_no_init/Guardfile
|
|
109
|
+
- fixtures/rails_3_2_12_no_init/README.rdoc
|
|
110
|
+
- fixtures/rails_3_2_12_no_init/Rakefile
|
|
111
|
+
- fixtures/rails_3_2_12_no_init/app/controllers/application_controller.rb
|
|
112
|
+
- fixtures/rails_3_2_12_no_init/app/controllers/other_things_controller.rb
|
|
113
|
+
- fixtures/rails_3_2_12_no_init/app/controllers/things_controller.rb
|
|
114
|
+
- fixtures/rails_3_2_12_no_init/app/models/.gitkeep
|
|
115
|
+
- fixtures/rails_3_2_12_no_init/app/models/thing.rb
|
|
116
|
+
- fixtures/rails_3_2_12_no_init/app/views/layouts/application.html.erb
|
|
117
|
+
- fixtures/rails_3_2_12_no_init/app/views/other_things/index.html.erb
|
|
118
|
+
- fixtures/rails_3_2_12_no_init/app/views/things/_form.html.erb
|
|
119
|
+
- fixtures/rails_3_2_12_no_init/app/views/things/edit.html.erb
|
|
120
|
+
- fixtures/rails_3_2_12_no_init/app/views/things/index.html.erb
|
|
121
|
+
- fixtures/rails_3_2_12_no_init/app/views/things/new.html.erb
|
|
122
|
+
- fixtures/rails_3_2_12_no_init/app/views/things/show.html.erb
|
|
123
|
+
- fixtures/rails_3_2_12_no_init/config.ru
|
|
124
|
+
- fixtures/rails_3_2_12_no_init/config/application.rb
|
|
125
|
+
- fixtures/rails_3_2_12_no_init/config/boot.rb
|
|
126
|
+
- fixtures/rails_3_2_12_no_init/config/database.yml
|
|
127
|
+
- fixtures/rails_3_2_12_no_init/config/environment.rb
|
|
128
|
+
- fixtures/rails_3_2_12_no_init/config/environments/development.rb
|
|
129
|
+
- fixtures/rails_3_2_12_no_init/config/environments/production.rb
|
|
130
|
+
- fixtures/rails_3_2_12_no_init/config/environments/test.rb
|
|
131
|
+
- fixtures/rails_3_2_12_no_init/config/initializers/backtrace_silencers.rb
|
|
132
|
+
- fixtures/rails_3_2_12_no_init/config/initializers/inflections.rb
|
|
133
|
+
- fixtures/rails_3_2_12_no_init/config/initializers/mime_types.rb
|
|
134
|
+
- fixtures/rails_3_2_12_no_init/config/initializers/secret_token.rb
|
|
135
|
+
- fixtures/rails_3_2_12_no_init/config/initializers/session_store.rb
|
|
136
|
+
- fixtures/rails_3_2_12_no_init/config/initializers/wrap_parameters.rb
|
|
137
|
+
- fixtures/rails_3_2_12_no_init/config/locales/en.yml
|
|
138
|
+
- fixtures/rails_3_2_12_no_init/config/routes.rb
|
|
139
|
+
- fixtures/rails_3_2_12_no_init/db/schema.rb
|
|
140
|
+
- fixtures/rails_3_2_12_no_init/db/seeds.rb
|
|
141
|
+
- fixtures/rails_3_2_12_no_init/lib/assets/.gitkeep
|
|
142
|
+
- fixtures/rails_3_2_12_no_init/lib/tasks/.gitkeep
|
|
143
|
+
- fixtures/rails_3_2_12_no_init/log/.gitkeep
|
|
144
|
+
- fixtures/rails_3_2_12_no_init/spec/controllers/other_things_controller_spec.rb
|
|
145
|
+
- fixtures/rails_3_2_12_no_init/spec/controllers/things_controller_spec.rb
|
|
146
|
+
- fixtures/rails_3_2_12_no_init/spec/spec_helper.rb
|
|
147
|
+
- fixtures/rails_3_2_12_no_init/vendor/assets/javascripts/.gitkeep
|
|
148
|
+
- fixtures/rails_3_2_12_no_init/vendor/assets/stylesheets/.gitkeep
|
|
149
|
+
- fixtures/rails_3_2_12_no_init/vendor/plugins/.gitkeep
|
|
65
150
|
- lib/secure_headers.rb
|
|
66
151
|
- lib/secure_headers/headers/content_security_policy.rb
|
|
152
|
+
- lib/secure_headers/headers/content_security_policy/browser_strategy.rb
|
|
153
|
+
- lib/secure_headers/headers/content_security_policy/firefox_browser_strategy.rb
|
|
154
|
+
- lib/secure_headers/headers/content_security_policy/ie_browser_strategy.rb
|
|
155
|
+
- lib/secure_headers/headers/content_security_policy/webkit_browser_strategy.rb
|
|
67
156
|
- lib/secure_headers/headers/strict_transport_security.rb
|
|
68
157
|
- lib/secure_headers/headers/x_content_type_options.rb
|
|
69
158
|
- lib/secure_headers/headers/x_frame_options.rb
|
|
70
159
|
- lib/secure_headers/headers/x_xss_protection.rb
|
|
71
160
|
- lib/secure_headers/railtie.rb
|
|
72
161
|
- lib/secure_headers/version.rb
|
|
73
|
-
-
|
|
162
|
+
- secure_headers.gemspec
|
|
74
163
|
- spec/controllers/content_security_policy_controller_spec.rb
|
|
75
164
|
- spec/lib/secure_headers/headers/content_security_policy_spec.rb
|
|
76
165
|
- spec/lib/secure_headers/headers/strict_transport_security_spec.rb
|
|
@@ -79,6 +168,7 @@ files:
|
|
|
79
168
|
- spec/lib/secure_headers/headers/x_xss_protection_spec.rb
|
|
80
169
|
- spec/lib/secure_headers_spec.rb
|
|
81
170
|
- spec/spec_helper.rb
|
|
171
|
+
- travis.sh
|
|
82
172
|
homepage: https://github.com/twitter/secureheaders
|
|
83
173
|
licenses:
|
|
84
174
|
- Apache Public License 2.0
|