secure_headers 5.0.0.alpha01 → 5.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of secure_headers might be problematic. Click here for more details.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 36d743dc370dce07a032c6e5154eef9081e5d258
|
|
4
|
+
data.tar.gz: 89c7965e04093df147c7543f9b3cd4cc3e347e41
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 11985973764bd80715c68e232e977074f084557deea8b2b96962d5c74f79af81601df30d6dda3150d5b278c75ee7f45c95e93bac26d62265fd5dabd99a39e024
|
|
7
|
+
data.tar.gz: 9cf62ba5f6ebaad74cec79c2201faf1521aad2a65627d5a64c74c9ff668b535664c1c49b285578713ce2bc2472b704e6b972c51074d2574ff2ad574cf6b87870
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,7 @@
|
|
|
1
|
+
## 5.0.1
|
|
2
|
+
|
|
3
|
+
- Updates `Expect-CT` header to use a comma separator between directives, as specified in the most current spec.
|
|
4
|
+
|
|
1
5
|
## 5.0.0
|
|
2
6
|
|
|
3
7
|
Well this is a little embarassing. 4.0 was supposed to set the secure/httponly/samesite=lax attributes on cookies by default but it didn't. Now it does. - See the [upgrading to 5.0](docs/upgrading-to-5-0.md) guide.
|
data/secure_headers.gemspec
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
Gem::Specification.new do |gem|
|
|
4
4
|
gem.name = "secure_headers"
|
|
5
|
-
gem.version = "5.0.
|
|
5
|
+
gem.version = "5.0.1"
|
|
6
6
|
gem.authors = ["Neil Matatall"]
|
|
7
7
|
gem.email = ["neil.matatall@gmail.com"]
|
|
8
8
|
gem.description = "Manages application of security headers with many safe defaults."
|
|
@@ -3,13 +3,13 @@ require "spec_helper"
|
|
|
3
3
|
|
|
4
4
|
module SecureHeaders
|
|
5
5
|
describe ExpectCertificateTransparency do
|
|
6
|
-
specify { expect(ExpectCertificateTransparency.new(max_age: 1234, enforce: true).value).to eq("enforce
|
|
6
|
+
specify { expect(ExpectCertificateTransparency.new(max_age: 1234, enforce: true).value).to eq("enforce, max-age=1234") }
|
|
7
7
|
specify { expect(ExpectCertificateTransparency.new(max_age: 1234, enforce: false).value).to eq("max-age=1234") }
|
|
8
8
|
specify { expect(ExpectCertificateTransparency.new(max_age: 1234, enforce: "yolocopter").value).to eq("max-age=1234") }
|
|
9
|
-
specify { expect(ExpectCertificateTransparency.new(max_age: 1234, report_uri: "https://report-uri.io/expect-ct").value).to eq("max-age=1234
|
|
9
|
+
specify { expect(ExpectCertificateTransparency.new(max_age: 1234, report_uri: "https://report-uri.io/expect-ct").value).to eq("max-age=1234, report-uri=\"https://report-uri.io/expect-ct\"") }
|
|
10
10
|
specify do
|
|
11
11
|
config = { enforce: true, max_age: 1234, report_uri: "https://report-uri.io/expect-ct" }
|
|
12
|
-
header_value = "enforce
|
|
12
|
+
header_value = "enforce, max-age=1234, report-uri=\"https://report-uri.io/expect-ct\""
|
|
13
13
|
expect(ExpectCertificateTransparency.new(config).value).to eq(header_value)
|
|
14
14
|
end
|
|
15
15
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: secure_headers
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 5.0.
|
|
4
|
+
version: 5.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Neil Matatall
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-10-
|
|
11
|
+
date: 2017-10-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rake
|
|
@@ -97,7 +97,7 @@ files:
|
|
|
97
97
|
- spec/lib/secure_headers/headers/clear_site_data_spec.rb
|
|
98
98
|
- spec/lib/secure_headers/headers/content_security_policy_spec.rb
|
|
99
99
|
- spec/lib/secure_headers/headers/cookie_spec.rb
|
|
100
|
-
- spec/lib/secure_headers/headers/
|
|
100
|
+
- spec/lib/secure_headers/headers/expect_certificate_transparency_spec.rb
|
|
101
101
|
- spec/lib/secure_headers/headers/policy_management_spec.rb
|
|
102
102
|
- spec/lib/secure_headers/headers/public_key_pins_spec.rb
|
|
103
103
|
- spec/lib/secure_headers/headers/referrer_policy_spec.rb
|
|
@@ -131,9 +131,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
131
131
|
version: '0'
|
|
132
132
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
133
133
|
requirements:
|
|
134
|
-
- - "
|
|
134
|
+
- - ">="
|
|
135
135
|
- !ruby/object:Gem::Version
|
|
136
|
-
version:
|
|
136
|
+
version: '0'
|
|
137
137
|
requirements: []
|
|
138
138
|
rubyforge_project:
|
|
139
139
|
rubygems_version: 2.6.11
|
|
@@ -146,7 +146,7 @@ test_files:
|
|
|
146
146
|
- spec/lib/secure_headers/headers/clear_site_data_spec.rb
|
|
147
147
|
- spec/lib/secure_headers/headers/content_security_policy_spec.rb
|
|
148
148
|
- spec/lib/secure_headers/headers/cookie_spec.rb
|
|
149
|
-
- spec/lib/secure_headers/headers/
|
|
149
|
+
- spec/lib/secure_headers/headers/expect_certificate_transparency_spec.rb
|
|
150
150
|
- spec/lib/secure_headers/headers/policy_management_spec.rb
|
|
151
151
|
- spec/lib/secure_headers/headers/public_key_pins_spec.rb
|
|
152
152
|
- spec/lib/secure_headers/headers/referrer_policy_spec.rb
|