RubyGems - secure_headers - Versions diffs - 5.0.0.alpha01 → 5.0.1 - Mend

secure_headers 5.0.0.alpha01 → 5.0.1

Potentially problematic release.

This version of secure_headers might be problematic. Click here for more details.

Files changed (6) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +4 -0
data/lib/secure_headers/headers/expect_certificate_transparency.rb +1 -1
data/secure_headers.gemspec +1 -1
data/spec/lib/secure_headers/headers/{expect_certificate_spec.rb → expect_certificate_transparency_spec.rb} +3 -3
metadata +6 -6

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2e6ac6e6f7a69c5fef2f3a357feaff630fc394c0
-  data.tar.gz: 218e2ea09bc6a88370be9ad4930764cd94cc5f08
+  metadata.gz: 36d743dc370dce07a032c6e5154eef9081e5d258
+  data.tar.gz: 89c7965e04093df147c7543f9b3cd4cc3e347e41
 SHA512:
-  metadata.gz: 0a2a38ec3dd215d754ea66cefeb96482fb0d2d35edf2fa13fbadd600a962b612b172b400425a7fb44304c200f9a79b7042893dfce82f48ea30734028773c205d
-  data.tar.gz: 5cff176050f3790236e65aec87c6f66e98adb473abcd608d3fe4eed0e587f1c7880dbc8c31735d2e3c39c766d8d4bf7a3b4df9e16673f66ab4970f4cb97e410a
+  metadata.gz: 11985973764bd80715c68e232e977074f084557deea8b2b96962d5c74f79af81601df30d6dda3150d5b278c75ee7f45c95e93bac26d62265fd5dabd99a39e024
+  data.tar.gz: 9cf62ba5f6ebaad74cec79c2201faf1521aad2a65627d5a64c74c9ff668b535664c1c49b285578713ce2bc2472b704e6b972c51074d2574ff2ad574cf6b87870

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,7 @@
+## 5.0.1
+- Updates `Expect-CT` header to use a comma separator between directives, as specified in the most current spec.
 ## 5.0.0
 Well this is a little embarassing. 4.0 was supposed to set the secure/httponly/samesite=lax attributes on cookies by default but it didn't. Now it does. - See the [upgrading to 5.0](docs/upgrading-to-5-0.md) guide.

data/lib/secure_headers/headers/expect_certificate_transparency.rb CHANGED Viewed

@@ -49,7 +49,7 @@ module SecureHeaders
         enforced_directive,
         max_age_directive,
         report_uri_directive
-      ].compact.join("; ").strip
+      ].compact.join(", ").strip
     end
     def enforced_directive

data/secure_headers.gemspec CHANGED Viewed

@@ -2,7 +2,7 @@
 # frozen_string_literal: true
 Gem::Specification.new do |gem|
   gem.name          = "secure_headers"
-  gem.version       = "5.0.0.alpha01"
+  gem.version       = "5.0.1"
   gem.authors       = ["Neil Matatall"]
   gem.email         = ["neil.matatall@gmail.com"]
   gem.description   = "Manages application of security headers with many safe defaults."

data/spec/lib/secure_headers/headers/{expect_certificate_spec.rb → expect_certificate_transparency_spec.rb} RENAMED Viewed

@@ -3,13 +3,13 @@ require "spec_helper"
 module SecureHeaders
   describe ExpectCertificateTransparency do
-    specify { expect(ExpectCertificateTransparency.new(max_age: 1234, enforce: true).value).to eq("enforce; max-age=1234") }
+    specify { expect(ExpectCertificateTransparency.new(max_age: 1234, enforce: true).value).to eq("enforce, max-age=1234") }
     specify { expect(ExpectCertificateTransparency.new(max_age: 1234, enforce: false).value).to eq("max-age=1234") }
     specify { expect(ExpectCertificateTransparency.new(max_age: 1234, enforce: "yolocopter").value).to eq("max-age=1234") }
-    specify { expect(ExpectCertificateTransparency.new(max_age: 1234, report_uri: "https://report-uri.io/expect-ct").value).to eq("max-age=1234; report-uri=\"https://report-uri.io/expect-ct\"") }
+    specify { expect(ExpectCertificateTransparency.new(max_age: 1234, report_uri: "https://report-uri.io/expect-ct").value).to eq("max-age=1234, report-uri=\"https://report-uri.io/expect-ct\"") }
     specify do
       config = { enforce: true, max_age: 1234, report_uri: "https://report-uri.io/expect-ct" }
-      header_value = "enforce; max-age=1234; report-uri=\"https://report-uri.io/expect-ct\""
+      header_value = "enforce, max-age=1234, report-uri=\"https://report-uri.io/expect-ct\""
       expect(ExpectCertificateTransparency.new(config).value).to eq(header_value)
     end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: secure_headers
 version: !ruby/object:Gem::Version
-  version: 5.0.0.alpha01
+  version: 5.0.1
 platform: ruby
 authors:
 - Neil Matatall
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-10-04 00:00:00.000000000 Z
+date: 2017-10-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -97,7 +97,7 @@ files:
 - spec/lib/secure_headers/headers/clear_site_data_spec.rb
 - spec/lib/secure_headers/headers/content_security_policy_spec.rb
 - spec/lib/secure_headers/headers/cookie_spec.rb
-- spec/lib/secure_headers/headers/expect_certificate_spec.rb
+- spec/lib/secure_headers/headers/expect_certificate_transparency_spec.rb
 - spec/lib/secure_headers/headers/policy_management_spec.rb
 - spec/lib/secure_headers/headers/public_key_pins_spec.rb
 - spec/lib/secure_headers/headers/referrer_policy_spec.rb
@@ -131,9 +131,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubyforge_project:
 rubygems_version: 2.6.11
@@ -146,7 +146,7 @@ test_files:
 - spec/lib/secure_headers/headers/clear_site_data_spec.rb
 - spec/lib/secure_headers/headers/content_security_policy_spec.rb
 - spec/lib/secure_headers/headers/cookie_spec.rb
-- spec/lib/secure_headers/headers/expect_certificate_spec.rb
+- spec/lib/secure_headers/headers/expect_certificate_transparency_spec.rb
 - spec/lib/secure_headers/headers/policy_management_spec.rb
 - spec/lib/secure_headers/headers/public_key_pins_spec.rb
 - spec/lib/secure_headers/headers/referrer_policy_spec.rb