secure_headers 2.4.2 → 2.4.3

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of secure_headers might be problematic. Click here for more details.

Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/secure_headers/headers/content_security_policy.rb +3 -2
  3. data/lib/secure_headers/version.rb +1 -1
  4. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: ba37b57a088b6c481e24b7effe725c665061dba6
4
- data.tar.gz: d081e7b902b1d6036d8862267c5f3fb179bba219
3
+ metadata.gz: 2e4d6f82d6ed89fdcda1354e5ef6f802696bb192
4
+ data.tar.gz: ed1b4550998780641a7c09cdf5d13147ca42c7a6
5
5
  SHA512:
6
- metadata.gz: fd94590f06966a3d80f635cfda20127bbf5004612cce06d729e90b6c6c69f46a4faf014a34605143f1ccd36b4cda0cf8ad40a6fad5f48c40c04c466438e5a1a0
7
- data.tar.gz: 7adee15d4987530bdf8b49ef681642427632ebd2a33595d37025c326bd2b3a8a23062d043bca2b1ed0c3ac305661cb3fd7541aa1b59f59ed9335157e5863a7af
6
+ metadata.gz: 23c5adf02fd51a402a5daec6f46afb2c84022544f4572f67b65fdf1d9d4b08f3684d67cc9fd3031ec15530f988e1f52f19e63b6d712728c6dd44b366d8246519
7
+ data.tar.gz: ff8f0681465846609d2e1d9962eab1ac98ada78fb837f67a7981bfef549643ec2bdb4985927dabc20ae3f6eb6e79c9ea4a240a37d8ac631b4193870df0c1f268
data/lib/secure_headers/headers/content_security_policy.rb CHANGED
@@ -11,6 +11,7 @@ module SecureHeaders
11
11
  DEFAULT_CSP_HEADER = "default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-src https: about: javascript:; img-src data:"
12
12
  HEADER_NAME = "Content-Security-Policy"
13
13
  ENV_KEY = 'secure_headers.content_security_policy'
14
+ USER_AGENT_PARSER = UserAgentParser::Parser.new
14
15
 
15
16
  DIRECTIVES_1_0 = [
16
17
  :default_src,
@@ -304,7 +305,7 @@ module SecureHeaders
304
305
  end
305
306
 
306
307
  def supported_directives
307
- @supported_directives ||= case UserAgentParser.parse(@ua).family
308
+ @supported_directives ||= case USER_AGENT_PARSER.parse(@ua).family
308
309
  when "Chrome"
309
310
  CHROME_DIRECTIVES
310
311
  when "Safari"
@@ -317,7 +318,7 @@ module SecureHeaders
317
318
  end
318
319
 
319
320
  def supports_nonces?
320
- parsed_ua = UserAgentParser.parse(@ua)
321
+ parsed_ua = USER_AGENT_PARSER.parse(@ua)
321
322
  ["Chrome", "Opera", "Firefox"].include?(parsed_ua.family)
322
323
  end
323
324
  end
data/lib/secure_headers/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module SecureHeaders
2
- VERSION = "2.4.2"
2
+ VERSION = "2.4.3"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: secure_headers
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.4.2
4
+ version: 2.4.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Neil Matatall
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-10-20 00:00:00.000000000 Z
11
+ date: 2015-10-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake