RubyGems - secure_headers - Versions diffs - 4.0.1 → 4.0.2 - Mend

secure_headers 4.0.1 → 4.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of secure_headers might be problematic. Click here for more details.

Files changed (6) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +4 -0
data/lib/secure_headers/headers/expect_certificate_transparency.rb +1 -1
data/secure_headers.gemspec +1 -1
data/spec/lib/secure_headers/headers/{expect_certificate_spec.rb → expect_certificate_transparency_spec.rb} +3 -3
metadata +4 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: fe8e39e4a81e0429bcba0fde48a5bb670f4bfb21
-  data.tar.gz: fc5989c5886abaf9245b2e29c3a0fbdb77e03e40
+  metadata.gz: bf4c1585c657ad3812d124ed506030b900eb3778
+  data.tar.gz: afe30fa230c2e34ef8c9d253210e918dd8412f11
 SHA512:
-  metadata.gz: 373cbefd9bf90c0aa486de40aea8b14f45c9855a580048b25a1de9e7475cb597b7c4bda979f79c897fc988a9be38741477994ba295153ccb642846b767ab597d
-  data.tar.gz: 1911795207a61925df44c32d8ffb23908c909332eab7b579d84a5a008296be0e329fcc950e70885fd876b2c7feed2d4e2c12f65148303f90849757a050b32a04
+  metadata.gz: cc3230d801ffffbb1ddb892721b54aa54bba40c0785edaa399754f10d61e3870d385710ad722754dd604922807eb5fc8aece7abfc89a75c8f4f1c9dfb1467d04
+  data.tar.gz: 11736ff26de3b9a5ada127edc1a8e32c25a0f75269109de5d60d19dc5dc28932f2bdfc9a44c4f1c13f4a44eee4759bcc8dfe4e08a4a600bc78042767f139489b

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,7 @@
+## 4.0.2
+- Updates `Expect-CT` header to use a comma separator between directives, as specified in the most current spec.
 ## 4.0.1
 - Adds support for `worker-src` CSP directive to 4.x line (https://github.com/twitter/secureheaders/pull/364)

data/lib/secure_headers/headers/expect_certificate_transparency.rb CHANGED Viewed

@@ -49,7 +49,7 @@ module SecureHeaders
         enforced_directive,
         max_age_directive,
         report_uri_directive
-      ].compact.join("; ").strip
+      ].compact.join(", ").strip
     end
     def enforced_directive

data/secure_headers.gemspec CHANGED Viewed

@@ -2,7 +2,7 @@
 # frozen_string_literal: true
 Gem::Specification.new do |gem|
   gem.name          = "secure_headers"
-  gem.version       = "4.0.1"
+  gem.version       = "4.0.2"
   gem.authors       = ["Neil Matatall"]
   gem.email         = ["neil.matatall@gmail.com"]
   gem.description   = "Manages application of security headers with many safe defaults."

data/spec/lib/secure_headers/headers/{expect_certificate_spec.rb → expect_certificate_transparency_spec.rb} RENAMED Viewed

@@ -3,13 +3,13 @@ require "spec_helper"
 module SecureHeaders
   describe ExpectCertificateTransparency do
-    specify { expect(ExpectCertificateTransparency.new(max_age: 1234, enforce: true).value).to eq("enforce; max-age=1234") }
+    specify { expect(ExpectCertificateTransparency.new(max_age: 1234, enforce: true).value).to eq("enforce, max-age=1234") }
     specify { expect(ExpectCertificateTransparency.new(max_age: 1234, enforce: false).value).to eq("max-age=1234") }
     specify { expect(ExpectCertificateTransparency.new(max_age: 1234, enforce: "yolocopter").value).to eq("max-age=1234") }
-    specify { expect(ExpectCertificateTransparency.new(max_age: 1234, report_uri: "https://report-uri.io/expect-ct").value).to eq("max-age=1234; report-uri=\"https://report-uri.io/expect-ct\"") }
+    specify { expect(ExpectCertificateTransparency.new(max_age: 1234, report_uri: "https://report-uri.io/expect-ct").value).to eq("max-age=1234, report-uri=\"https://report-uri.io/expect-ct\"") }
     specify do
       config = { enforce: true, max_age: 1234, report_uri: "https://report-uri.io/expect-ct" }
-      header_value = "enforce; max-age=1234; report-uri=\"https://report-uri.io/expect-ct\""
+      header_value = "enforce, max-age=1234, report-uri=\"https://report-uri.io/expect-ct\""
       expect(ExpectCertificateTransparency.new(config).value).to eq(header_value)
     end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: secure_headers
 version: !ruby/object:Gem::Version
-  version: 4.0.1
+  version: 4.0.2
 platform: ruby
 authors:
 - Neil Matatall
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-10-03 00:00:00.000000000 Z
+date: 2017-10-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -94,7 +94,7 @@ files:
 - spec/lib/secure_headers/headers/clear_site_data_spec.rb
 - spec/lib/secure_headers/headers/content_security_policy_spec.rb
 - spec/lib/secure_headers/headers/cookie_spec.rb
-- spec/lib/secure_headers/headers/expect_certificate_spec.rb
+- spec/lib/secure_headers/headers/expect_certificate_transparency_spec.rb
 - spec/lib/secure_headers/headers/policy_management_spec.rb
 - spec/lib/secure_headers/headers/public_key_pins_spec.rb
 - spec/lib/secure_headers/headers/referrer_policy_spec.rb
@@ -145,7 +145,7 @@ test_files:
 - spec/lib/secure_headers/headers/clear_site_data_spec.rb
 - spec/lib/secure_headers/headers/content_security_policy_spec.rb
 - spec/lib/secure_headers/headers/cookie_spec.rb
-- spec/lib/secure_headers/headers/expect_certificate_spec.rb
+- spec/lib/secure_headers/headers/expect_certificate_transparency_spec.rb
 - spec/lib/secure_headers/headers/policy_management_spec.rb
 - spec/lib/secure_headers/headers/public_key_pins_spec.rb
 - spec/lib/secure_headers/headers/referrer_policy_spec.rb