RubyGems - secure_headers - Versions diffs - 3.7.2 → 3.7.3 - Mend

secure_headers 3.7.2 → 3.7.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of secure_headers might be problematic. Click here for more details.

Files changed (6) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +4 -0
data/lib/secure_headers/headers/expect_certificate_transparency.rb +1 -1
data/secure_headers.gemspec +1 -1
data/spec/lib/secure_headers/headers/{expect_certificate_spec.rb → expect_certificate_transparency_spec.rb} +3 -3
metadata +4 -4

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: c119abbad46d190ddf82e5c9868e0b80e300676a
-  data.tar.gz: 891a862a3adfe690765bae7a0a3a68d31aa3e2ea
+  metadata.gz: 5cd934820f1415f10f72f50e9c2b7fa1e28e0c42
+  data.tar.gz: 44ab45585f8c160e2c584322a134481762b3d19b
 SHA512:
-  metadata.gz: 3d4898ed4bc2aada51f79b6aad95a62a5f8aa45309ab0831c61b8dabacd5af749fe513d495a35186532e68466ff21bd8b51d49c0d0461fc4fa788adc43723bce
-  data.tar.gz: cf29ea5654f024321177cb81ed8eaec9ea0a910bd665ba0281590584108e74095afc69edc5c8b43a31f3ec5690370f10d0f98bb1b38269cdeda78cd4a6f0a3a3
+  metadata.gz: c89380d4d42e28edb2ddd461b2efc14c81591a69b9a7b3c9f95614d103c358565da9e707a6cca3c74d13feec04fb9696a70260129103e92b411b675ab0f73ccd
+  data.tar.gz: 40bc10998d062ae8103256061d989db50c3b3a9908905cca2b106c313a0f2e417fcc50e3b89c4dd9b4602b2b49a6d3080cd28e761d9f23c56cfff426bd7cac55

data/CHANGELOG.md CHANGED

@@ -1,3 +1,7 @@
+## 3.7.3
+- Updates `Expect-CT` header to use a comma separator between directives, as specified in the most current spec.
 ## 3.7.2
 - Adds support for `worker-src` CSP directive to 3.x line (https://github.com/twitter/secureheaders/pull/364)

data/lib/secure_headers/headers/expect_certificate_transparency.rb CHANGED

@@ -49,7 +49,7 @@ module SecureHeaders
         enforced_directive,
         max_age_directive,
         report_uri_directive
-      ].compact.join("; ").strip
+      ].compact.join(", ").strip
     end
     def enforced_directive

data/secure_headers.gemspec CHANGED

@@ -1,7 +1,7 @@
 # -*- encoding: utf-8 -*-
 Gem::Specification.new do |gem|
   gem.name          = "secure_headers"
-  gem.version       = "3.7.2"
+  gem.version       = "3.7.3"
   gem.authors       = ["Neil Matatall"]
   gem.email         = ["neil.matatall@gmail.com"]
   gem.description   = 'Manages application of security headers with many safe defaults.'

data/spec/lib/secure_headers/headers/{expect_certificate_spec.rb → expect_certificate_transparency_spec.rb} RENAMED

@@ -3,13 +3,13 @@ require "spec_helper"
 module SecureHeaders
   describe ExpectCertificateTransparency do
-    specify { expect(ExpectCertificateTransparency.new(max_age: 1234, enforce: true).value).to eq("enforce; max-age=1234") }
+    specify { expect(ExpectCertificateTransparency.new(max_age: 1234, enforce: true).value).to eq("enforce, max-age=1234") }
     specify { expect(ExpectCertificateTransparency.new(max_age: 1234, enforce: false).value).to eq("max-age=1234") }
     specify { expect(ExpectCertificateTransparency.new(max_age: 1234, enforce: "yolocopter").value).to eq("max-age=1234") }
-    specify { expect(ExpectCertificateTransparency.new(max_age: 1234, report_uri: "https://report-uri.io/expect-ct").value).to eq("max-age=1234; report-uri=\"https://report-uri.io/expect-ct\"") }
+    specify { expect(ExpectCertificateTransparency.new(max_age: 1234, report_uri: "https://report-uri.io/expect-ct").value).to eq("max-age=1234, report-uri=\"https://report-uri.io/expect-ct\"") }
     specify do
       config = { enforce: true, max_age: 1234, report_uri: "https://report-uri.io/expect-ct" }
-      header_value = "enforce; max-age=1234; report-uri=\"https://report-uri.io/expect-ct\""
+      header_value = "enforce, max-age=1234, report-uri=\"https://report-uri.io/expect-ct\""
       expect(ExpectCertificateTransparency.new(config).value).to eq(header_value)
     end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: secure_headers
 version: !ruby/object:Gem::Version
-  version: 3.7.2
+  version: 3.7.3
 platform: ruby
 authors:
 - Neil Matatall
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-10-03 00:00:00.000000000 Z
+date: 2017-10-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -93,7 +93,7 @@ files:
 - spec/lib/secure_headers/headers/clear_site_data_spec.rb
 - spec/lib/secure_headers/headers/content_security_policy_spec.rb
 - spec/lib/secure_headers/headers/cookie_spec.rb
-- spec/lib/secure_headers/headers/expect_certificate_spec.rb
+- spec/lib/secure_headers/headers/expect_certificate_transparency_spec.rb
 - spec/lib/secure_headers/headers/policy_management_spec.rb
 - spec/lib/secure_headers/headers/public_key_pins_spec.rb
 - spec/lib/secure_headers/headers/referrer_policy_spec.rb
@@ -138,7 +138,7 @@ test_files:
 - spec/lib/secure_headers/headers/clear_site_data_spec.rb
 - spec/lib/secure_headers/headers/content_security_policy_spec.rb
 - spec/lib/secure_headers/headers/cookie_spec.rb
-- spec/lib/secure_headers/headers/expect_certificate_spec.rb
+- spec/lib/secure_headers/headers/expect_certificate_transparency_spec.rb
 - spec/lib/secure_headers/headers/policy_management_spec.rb
 - spec/lib/secure_headers/headers/public_key_pins_spec.rb
 - spec/lib/secure_headers/headers/referrer_policy_spec.rb