secure_headers 0.4.0 → 0.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/HISTORY.md
CHANGED
|
@@ -1,10 +1,17 @@
|
|
|
1
|
+
0.4.1
|
|
2
|
+
======
|
|
3
|
+
|
|
4
|
+
- Allow strings or ints in the HSTS max-age (@reedloden)
|
|
5
|
+
|
|
1
6
|
0.4.0
|
|
2
7
|
=======
|
|
8
|
+
|
|
3
9
|
- Treat each header as it's own before_filter. This allows you to `skip_before_filter :set_X_header, :only => :bad_idea
|
|
4
10
|
- Should be backwards compatible, but it is a change to the API.
|
|
5
11
|
|
|
6
12
|
0.3.0
|
|
7
13
|
=======
|
|
14
|
+
|
|
8
15
|
- Greatly reduce the need to use the forward_endpoint attribute. If you are posting from your site to a host that matches TLD+1 (e.g. translate.twitter.com matches twitter.com), use a protocol relative value for report-uri. This will alleviate the need to use forwarding. If your host doesn't match, you still need to use forwarding due to host mismatches for Firefox.
|
|
9
16
|
|
|
10
17
|
0.2.3
|
data/README.md
CHANGED
|
@@ -41,7 +41,7 @@ module SecureHeaders
|
|
|
41
41
|
if @config.is_a? Hash
|
|
42
42
|
if !@config[:max_age]
|
|
43
43
|
raise STSBuildError.new("No max-age was supplied.")
|
|
44
|
-
elsif @config[:max_age] !~ /\A\d+\z/
|
|
44
|
+
elsif @config[:max_age].to_s !~ /\A\d+\z/
|
|
45
45
|
raise STSBuildError.new("max-age must be a number. #{@config[:max_age]} was supplied.")
|
|
46
46
|
end
|
|
47
47
|
else
|
|
@@ -28,6 +28,18 @@ module SecureHeaders
|
|
|
28
28
|
|
|
29
29
|
context "with an invalid configuration" do
|
|
30
30
|
context "with a hash argument" do
|
|
31
|
+
it "should allow string values for max-age" do
|
|
32
|
+
lambda {
|
|
33
|
+
StrictTransportSecurity.new(:max_age => '1234')
|
|
34
|
+
}.should_not raise_error
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
it "should allow integer values for max-age" do
|
|
38
|
+
lambda {
|
|
39
|
+
StrictTransportSecurity.new(:max_age => 1234)
|
|
40
|
+
}.should_not raise_error
|
|
41
|
+
end
|
|
42
|
+
|
|
31
43
|
it "raises an exception with an invalid max-age" do
|
|
32
44
|
lambda {
|
|
33
45
|
StrictTransportSecurity.new(:max_age => 'abc123')
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: secure_headers
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.1
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2013-04-
|
|
12
|
+
date: 2013-04-10 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: brwsr
|
|
@@ -190,7 +190,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
190
190
|
version: '0'
|
|
191
191
|
requirements: []
|
|
192
192
|
rubyforge_project:
|
|
193
|
-
rubygems_version: 1.8.
|
|
193
|
+
rubygems_version: 1.8.24
|
|
194
194
|
signing_key:
|
|
195
195
|
specification_version: 3
|
|
196
196
|
summary: Add easily configured browser headers to responses including content security
|