spinels-rack-ssl-enforcer 0.3.0 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/rack/ssl-enforcer/version.rb +1 -1
- data/lib/rack/ssl-enforcer.rb +6 -6
- metadata +22 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 593aebbc3813e49fba1056df4f68f4eee2a0f9a5079655f67d55f00469b30988
|
|
4
|
+
data.tar.gz: d1f27884e1e6a1aa7d5ea5deccd00aac5de342322175381bf8e28327b4f35522
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: dbfe47663b655a60d62fb141b746ca849704446de2ef91194ed36194b9b6277ebc8f420072059b1e13e68ffe908adb42eab663c9d2df1314418b363fd978bbdb
|
|
7
|
+
data.tar.gz: ceb9d49762932d5ca547163892611d2b4789d546c6304da90e013ce52ab0f6317a4f301564c1508209cf696420e3d0d2c4c7a0de8e12ae1c36bb645be97de218
|
data/lib/rack/ssl-enforcer.rb
CHANGED
|
@@ -93,7 +93,7 @@ module Rack
|
|
|
93
93
|
location = replace_host(location, req, @options[:redirect_to])
|
|
94
94
|
redirect_to(location)
|
|
95
95
|
rescue URI::InvalidURIError
|
|
96
|
-
[400, { '
|
|
96
|
+
[400, { 'content-type' => 'text/plain'}, []]
|
|
97
97
|
end
|
|
98
98
|
|
|
99
99
|
def redirect_to(location)
|
|
@@ -102,7 +102,7 @@ module Rack
|
|
|
102
102
|
body << @options[:redirect_html] if @options[:redirect_html].is_a?(String)
|
|
103
103
|
body = @options[:redirect_html] if @options[:redirect_html].respond_to?('each')
|
|
104
104
|
|
|
105
|
-
[@options[:redirect_code] || 301, { '
|
|
105
|
+
[@options[:redirect_code] || 301, { 'content-type' => 'text/html', 'location' => location }, body]
|
|
106
106
|
end
|
|
107
107
|
|
|
108
108
|
def ssl_request?(req)
|
|
@@ -181,15 +181,15 @@ module Rack
|
|
|
181
181
|
|
|
182
182
|
# see http://en.wikipedia.org/wiki/HTTP_cookie#Cookie_theft_and_session_hijacking
|
|
183
183
|
def flag_cookies_as_secure!(headers)
|
|
184
|
-
if cookies = headers['
|
|
184
|
+
if cookies = headers['set-cookie']
|
|
185
185
|
# Support Rails 2.3 / Rack 1.1 arrays as headers
|
|
186
186
|
unless cookies.is_a?(Array)
|
|
187
187
|
cookies = cookies.split("\n")
|
|
188
188
|
end
|
|
189
189
|
|
|
190
|
-
headers['
|
|
190
|
+
headers['set-cookie'] = cookies.map do |cookie|
|
|
191
191
|
cookie !~ /(^|;\s)secure($|;)/ ? "#{cookie}; secure" : cookie
|
|
192
|
-
end
|
|
192
|
+
end
|
|
193
193
|
end
|
|
194
194
|
end
|
|
195
195
|
|
|
@@ -200,7 +200,7 @@ module Rack
|
|
|
200
200
|
value = "max-age=#{opts[:expires]}"
|
|
201
201
|
value += "; includeSubDomains" if opts[:subdomains]
|
|
202
202
|
value += "; preload" if opts[:preload]
|
|
203
|
-
headers.merge!({ '
|
|
203
|
+
headers.merge!({ 'strict-transport-security' => value })
|
|
204
204
|
end
|
|
205
205
|
|
|
206
206
|
end
|
metadata
CHANGED
|
@@ -1,16 +1,30 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: spinels-rack-ssl-enforcer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 1.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tobias Matthies
|
|
8
8
|
- Thibaud Guillaume-Gentil
|
|
9
|
-
autorequire:
|
|
9
|
+
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date:
|
|
13
|
-
dependencies:
|
|
12
|
+
date: 2024-08-01 00:00:00.000000000 Z
|
|
13
|
+
dependencies:
|
|
14
|
+
- !ruby/object:Gem::Dependency
|
|
15
|
+
name: rack
|
|
16
|
+
requirement: !ruby/object:Gem::Requirement
|
|
17
|
+
requirements:
|
|
18
|
+
- - ">="
|
|
19
|
+
- !ruby/object:Gem::Version
|
|
20
|
+
version: 3.0.0
|
|
21
|
+
type: :runtime
|
|
22
|
+
prerelease: false
|
|
23
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
24
|
+
requirements:
|
|
25
|
+
- - ">="
|
|
26
|
+
- !ruby/object:Gem::Version
|
|
27
|
+
version: 3.0.0
|
|
14
28
|
description: Rack::SslEnforcer is a simple Rack middleware to enforce ssl connections
|
|
15
29
|
email:
|
|
16
30
|
- github@tobiasmatthies.de
|
|
@@ -31,7 +45,7 @@ licenses:
|
|
|
31
45
|
- MIT
|
|
32
46
|
metadata:
|
|
33
47
|
rubygems_mfa_required: 'true'
|
|
34
|
-
post_install_message:
|
|
48
|
+
post_install_message:
|
|
35
49
|
rdoc_options: []
|
|
36
50
|
require_paths:
|
|
37
51
|
- lib
|
|
@@ -39,15 +53,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
39
53
|
requirements:
|
|
40
54
|
- - ">="
|
|
41
55
|
- !ruby/object:Gem::Version
|
|
42
|
-
version: 1.
|
|
56
|
+
version: 3.1.0
|
|
43
57
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
44
58
|
requirements:
|
|
45
59
|
- - ">="
|
|
46
60
|
- !ruby/object:Gem::Version
|
|
47
61
|
version: 1.3.6
|
|
48
62
|
requirements: []
|
|
49
|
-
rubygems_version: 3.
|
|
50
|
-
signing_key:
|
|
63
|
+
rubygems_version: 3.5.11
|
|
64
|
+
signing_key:
|
|
51
65
|
specification_version: 4
|
|
52
66
|
summary: A simple Rack middleware to enforce SSL
|
|
53
67
|
test_files: []
|