secure_headers 3.0.0.pre1 → 3.0.0.pre2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of secure_headers might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/secure_headers/view_helper.rb +2 -2
- data/secure_headers.gemspec +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d6e439e921b5270ed007c604d2287b04a5ef691f
|
|
4
|
+
data.tar.gz: 6ae708cd125952e4ad7f24121d1be4f5b8d54d1d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a426253499c8e6e1c70d6f1f11cde022d90f4ea9dc8db1073f1055ee0c82e6be007b2746ff5e98cb4e12c0f0064b7e656c4861e97bf10fd01f156f8e78d551a1
|
|
7
|
+
data.tar.gz: 91ef0e9f9f32d311389d35c0caf3b607da10b6e8fc029d1a4a1514c35ca2df92b1a9dbda224d6e4808d39517dc4d2ef62317bcf1c7f3d1071cd37231fe461141
|
data/README.md
CHANGED
|
@@ -24,7 +24,7 @@ All `nil` values will fallback to their default value. `SecureHeaders::OPT_OUT`
|
|
|
24
24
|
|
|
25
25
|
```ruby
|
|
26
26
|
SecureHeaders::Configuration.default do |config|
|
|
27
|
-
config.hsts = 20.years.to_i
|
|
27
|
+
config.hsts = "max-age=#{20.years.to_i}"
|
|
28
28
|
config.x_frame_options = "DENY"
|
|
29
29
|
config.x_content_type_options = "nosniff"
|
|
30
30
|
config.x_xss_protection = "1; mode=block"
|
|
@@ -4,7 +4,7 @@ module SecureHeaders
|
|
|
4
4
|
# Instructs secure_headers to append a nonce to style/script-src directives.
|
|
5
5
|
#
|
|
6
6
|
# Returns an html-safe style tag with the nonce attribute.
|
|
7
|
-
def nonced_style_tag(content_or_options =
|
|
7
|
+
def nonced_style_tag(content_or_options = {}, &block)
|
|
8
8
|
nonced_tag(:style, content_or_options, block)
|
|
9
9
|
end
|
|
10
10
|
|
|
@@ -12,7 +12,7 @@ module SecureHeaders
|
|
|
12
12
|
# Instructs secure_headers to append a nonce to style/script-src directives.
|
|
13
13
|
#
|
|
14
14
|
# Returns an html-safe script tag with the nonce attribute.
|
|
15
|
-
def nonced_javascript_tag(content_or_options =
|
|
15
|
+
def nonced_javascript_tag(content_or_options = {}, &block)
|
|
16
16
|
nonced_tag(:script, content_or_options, block)
|
|
17
17
|
end
|
|
18
18
|
|
data/secure_headers.gemspec
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# -*- encoding: utf-8 -*-
|
|
2
2
|
Gem::Specification.new do |gem|
|
|
3
3
|
gem.name = "secure_headers"
|
|
4
|
-
gem.version = "3.0.0.
|
|
4
|
+
gem.version = "3.0.0.pre2"
|
|
5
5
|
gem.authors = ["Neil Matatall"]
|
|
6
6
|
gem.email = ["neil.matatall@gmail.com"]
|
|
7
7
|
gem.description = 'Security related headers all in one gem.'
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: secure_headers
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.0.0.
|
|
4
|
+
version: 3.0.0.pre2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Neil Matatall
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-12-
|
|
11
|
+
date: 2015-12-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rake
|