secure_headers 2.5.1 → 2.5.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of secure_headers might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/lib/secure_headers.rb +16 -9
- data/lib/secure_headers/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c9f7672d8914364e8eef869c24c4fd82101944de
|
|
4
|
+
data.tar.gz: c0e93e3380c8299eb0cef567ddebbcba2b72d1ed
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 90011cbc58f5b045268542ef3798cd5d58ecafdb06c762c5eca118cadba2848e9520a9e583070cc3486f4e5a7ac2d1ef80822b16deaf452cfae797535f8c9580
|
|
7
|
+
data.tar.gz: ff6e285cbec857db35dddbe110c47dbbc314ef2b937bf425bd3add5268751107e335c1f990d5c45f8915d8238b649c835109fdadb987e970653568064836efce
|
data/lib/secure_headers.rb
CHANGED
|
@@ -27,6 +27,18 @@ module SecureHeaders
|
|
|
27
27
|
SecureHeaders::XXssProtection
|
|
28
28
|
]
|
|
29
29
|
|
|
30
|
+
ALL_FILTER_METHODS = [
|
|
31
|
+
:prep_script_hash,
|
|
32
|
+
:set_hsts_header,
|
|
33
|
+
:set_hpkp_header,
|
|
34
|
+
:set_x_frame_options_header,
|
|
35
|
+
:set_csp_header,
|
|
36
|
+
:set_x_xss_protection_header,
|
|
37
|
+
:set_x_content_type_options_header,
|
|
38
|
+
:set_x_download_options_header,
|
|
39
|
+
:set_x_permitted_cross_domain_policies_header
|
|
40
|
+
]
|
|
41
|
+
|
|
30
42
|
module Configuration
|
|
31
43
|
class << self
|
|
32
44
|
attr_accessor :hsts, :x_frame_options, :x_content_type_options,
|
|
@@ -97,15 +109,10 @@ module SecureHeaders
|
|
|
97
109
|
warn "[DEPRECATION] secure_headers ruby 1.8.7 support will dropped in the next release"
|
|
98
110
|
end
|
|
99
111
|
self.secure_headers_options = options
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
before_filter :set_csp_header
|
|
105
|
-
before_filter :set_x_xss_protection_header
|
|
106
|
-
before_filter :set_x_content_type_options_header
|
|
107
|
-
before_filter :set_x_download_options_header
|
|
108
|
-
before_filter :set_x_permitted_cross_domain_policies_header
|
|
112
|
+
hook = respond_to?(:before_action) ? :before_action : :before_filter
|
|
113
|
+
ALL_FILTER_METHODS.each do |method|
|
|
114
|
+
send(hook, method)
|
|
115
|
+
end
|
|
109
116
|
end
|
|
110
117
|
end
|
|
111
118
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: secure_headers
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.5.
|
|
4
|
+
version: 2.5.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Neil Matatall
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-
|
|
11
|
+
date: 2016-02-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rake
|