secure_headers 1.1.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -13,9 +13,9 @@ describe SecureHeaders do
13
13
 
14
14
  before(:each) do
15
15
  stub_user_agent(nil)
16
- headers.stub(:[])
17
- subject.stub(:response).and_return(response)
18
- subject.stub(:request).and_return(request)
16
+ allow(headers).to receive(:[])
17
+ allow(subject).to receive(:response).and_return(response)
18
+ allow(subject).to receive(:request).and_return(request)
19
19
  end
20
20
 
21
21
  ALL_HEADERS = Hash[[:hsts, :csp, :x_frame_options, :x_content_type_options, :x_xss_protection].map{|header| [header, false]}]
@@ -32,15 +32,15 @@ describe SecureHeaders do
32
32
  }
33
33
 
34
34
  def should_assign_header name, value
35
- response.headers.should_receive(:[]=).with(name, value)
35
+ expect(response.headers).to receive(:[]=).with(name, value)
36
36
  end
37
37
 
38
38
  def should_not_assign_header name
39
- response.headers.should_not_receive(:[]=).with(name, anything)
39
+ expect(response.headers).not_to receive(:[]=).with(name, anything)
40
40
  end
41
41
 
42
42
  def stub_user_agent val
43
- request.stub_chain(:env, :[]).and_return(val)
43
+ allow(request).to receive_message_chain(:env, :[]).and_return(val)
44
44
  end
45
45
 
46
46
  def options_for header
@@ -68,7 +68,7 @@ describe SecureHeaders do
68
68
  describe "#ensure_security_headers" do
69
69
  it "sets a before filter" do
70
70
  options = {}
71
- DummyClass.should_receive(:before_filter).exactly(5).times
71
+ expect(DummyClass).to receive(:before_filter).exactly(5).times
72
72
  DummyClass.ensure_security_headers(options)
73
73
  end
74
74
  end
@@ -87,13 +87,13 @@ describe SecureHeaders do
87
87
 
88
88
  describe "#set_security_headers" do
89
89
  before(:each) do
90
- SecureHeaders::ContentSecurityPolicy.stub(:new).and_return(double.as_null_object)
90
+ allow(SecureHeaders::ContentSecurityPolicy).to receive(:new).and_return(double.as_null_object)
91
91
  end
92
92
  USER_AGENTS.each do |name, useragent|
93
93
  it "sets all default headers for #{name} (smoke test)" do
94
94
  stub_user_agent(useragent)
95
95
  number_of_headers = 5
96
- subject.should_receive(:set_header).exactly(number_of_headers).times # a request for a given header
96
+ expect(subject).to receive(:set_header).exactly(number_of_headers).times # a request for a given header
97
97
  subject.set_csp_header
98
98
  subject.set_x_frame_options_header
99
99
  subject.set_hsts_header
@@ -124,7 +124,7 @@ describe SecureHeaders do
124
124
  end
125
125
 
126
126
  it "does not set the HSTS header if request is over HTTP" do
127
- subject.stub_chain(:request, :ssl?).and_return(false)
127
+ allow(subject).to receive_message_chain(:request, :ssl?).and_return(false)
128
128
  should_not_assign_header(HSTS_HEADER_NAME)
129
129
  subject.set_hsts_header({:include_subdomains => true})
130
130
  end
@@ -144,7 +144,7 @@ describe SecureHeaders do
144
144
  config.x_xss_protection = false
145
145
  config.csp = false
146
146
  end
147
- subject.should_not_receive(:set_header)
147
+ expect(subject).not_to receive(:set_header)
148
148
  set_security_headers(subject)
149
149
  reset_config
150
150
  end
data/spec/spec_helper.rb CHANGED
@@ -9,7 +9,6 @@ unless Spork.using_spork?
9
9
  end
10
10
 
11
11
  Spork.prefork do
12
- require 'pry'
13
12
  require 'rspec'
14
13
  end
15
14
 
metadata CHANGED
@@ -1,20 +1,18 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: secure_headers
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.0
5
- prerelease:
4
+ version: 1.2.0
6
5
  platform: ruby
7
6
  authors:
8
7
  - Neil Matatall
9
8
  autorequire:
10
9
  bindir: bin
11
10
  cert_chain: []
12
- date: 2013-11-11 00:00:00.000000000 Z
11
+ date: 2014-06-13 00:00:00.000000000 Z
13
12
  dependencies:
14
13
  - !ruby/object:Gem::Dependency
15
14
  name: rake
16
15
  requirement: !ruby/object:Gem::Requirement
17
- none: false
18
16
  requirements:
19
17
  - - ! '>='
20
18
  - !ruby/object:Gem::Version
@@ -22,7 +20,6 @@ dependencies:
22
20
  type: :development
23
21
  prerelease: false
24
22
  version_requirements: !ruby/object:Gem::Requirement
25
- none: false
26
23
  requirements:
27
24
  - - ! '>='
28
25
  - !ruby/object:Gem::Version
@@ -35,7 +32,8 @@ extensions: []
35
32
  extra_rdoc_files: []
36
33
  files:
37
34
  - .gitignore
38
- - .rvmrc
35
+ - .ruby-gemset
36
+ - .ruby-version
39
37
  - .travis.yml
40
38
  - Gemfile
41
39
  - Guardfile
@@ -153,27 +151,26 @@ files:
153
151
  homepage: https://github.com/twitter/secureheaders
154
152
  licenses:
155
153
  - Apache Public License 2.0
154
+ metadata: {}
156
155
  post_install_message:
157
156
  rdoc_options: []
158
157
  require_paths:
159
158
  - lib
160
159
  required_ruby_version: !ruby/object:Gem::Requirement
161
- none: false
162
160
  requirements:
163
161
  - - ! '>='
164
162
  - !ruby/object:Gem::Version
165
163
  version: '0'
166
164
  required_rubygems_version: !ruby/object:Gem::Requirement
167
- none: false
168
165
  requirements:
169
166
  - - ! '>='
170
167
  - !ruby/object:Gem::Version
171
168
  version: '0'
172
169
  requirements: []
173
170
  rubyforge_project:
174
- rubygems_version: 1.8.25
171
+ rubygems_version: 2.2.2
175
172
  signing_key:
176
- specification_version: 3
173
+ specification_version: 4
177
174
  summary: Add easily configured browser headers to responses including content security
178
175
  policy, x-frame-options, strict-transport-security and more.
179
176
  test_files:
data/.rvmrc DELETED
@@ -1 +0,0 @@
1
- rvm use 1.9.3@secureheaders --create