unicorn-lockdown 1.2.0 → 1.3.0
- checksums.yaml +4 -4
- data/CHANGELOG +8 -0
- data/files/unicorn_lockdown_add.rb +0 -1
- data/lib/unicorn-lockdown.rb +6 -3
- data/lib/unveiler.rb +6 -3
- metadata +3 -3
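--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 1d6578be3b39fdc48fdc0acaab810ef3029bc4e3f6484ecd3585d8dbf5b11d67
+data.tar.gz: 6e7f7ceff3497829eb86504d03c2cf243a331ced69331da2c8d18ec518366ff9
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 171877502073283aaefaf6724065ea3057dca70c6bc2e84363c093c57be916421b72d631b54e52aaed2ad4a332b31ac07d8560307efda170372458f4e7d27331
+data.tar.gz: 357794d05df3022e0511b20db4dc72b6021e176b217b085959fdf8bce4eada097dca3a41c80576c312ddd54c640329decda5a6402a09b1d3481d4a4d4bbe9bdb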
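--- a/data/CHANGELOG
+++ b/data/CHANGELOG
@@ -1,3 +1,11 @@
+= 1.3.0 (2024-05-22)
+
+* Eagerly require strscan to avoid issues if it is lazy loaded by rack's multipart parser (jeremyevans)
+
+* Avoid string literal modifications to avoid warnings on Ruby 3.4 (jeremyevans)
+
+* Remove X-XSS-Protection from generated nginx files, as MDN now recommends against it (jeremyevans)
+
 = 1.2.0 (2022-11-16)
 
 * Remove access_log format from generated nginx configurations (jeremyevans)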
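--- a/data/files/unicorn_lockdown_add.rb
+++ b/data/files/unicorn_lockdown_add.rb
@@ -180,7 +180,6 @@ server {
 proxy_redirect off;
 add_header X-Content-Type-Options nosniff;
 add_header X-Frame-Options deny;
-add_header X-XSS-Protection "1; mode=block";
 try_files $uri @#{app}_unicorn;
 location @#{app}_unicorn {
 proxy_pass http://#{app}_unicorn;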
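--- a/data/lib/unicorn-lockdown.rb
+++ b/data/lib/unicorn-lockdown.rb
@@ -8,10 +8,13 @@
 require 'pledge'
 require 'unveil'
 
+# Eagerly require strscan, lazily loaded by rack's multipart parser
+require 'strscan'
+
 # Load common encodings
-"\255".force_encoding('ISO8859-1').encode('UTF-8')
-''.force_encoding('UTF-16LE')
-''.force_encoding('UTF-16BE')
+"\255".dup.force_encoding('ISO8859-1').encode('UTF-8')
+''.dup.force_encoding('UTF-16LE')
+''.dup.force_encoding('UTF-16BE')
 
 class Unicorn::HttpServer
 # The file name in which to store request information.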
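Review bot: The new comment above `require 'strscan'` says the library is lazily loaded by rack's multipart parser but not why that is a problem in this file. Presumably a `require` that first runs while a request is being handled happens after unveil/pledge have restricted the process, so the library file can no longer be read; the comment should state that, e.g. `# Eagerly require strscan: rack's multipart parser loads it lazily, which would happen after unveil/pledge restrict file access`. The identical comment in data/lib/unveiler.rb has the same gap, and the "Load common encodings" lines just below would benefit from the same one-line rationale.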
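--- a/data/lib/unveiler.rb
+++ b/data/lib/unveiler.rb
@@ -1,10 +1,13 @@
 require 'pledge'
 require 'unveil'
 
+# Eagerly require strscan, lazily loaded by rack's multipart parser
+require 'strscan'
+
 # Load encodings
-"\255".force_encoding('ISO8859-1').encode('UTF-8')
-''.force_encoding('UTF-16LE')
-''.force_encoding('UTF-16BE')
+"\255".dup.force_encoding('ISO8859-1').encode('UTF-8')
+''.dup.force_encoding('UTF-16LE')
+''.dup.force_encoding('UTF-16BE')
 
 # Don't run external diff program for failures
 Minitest::Assertions.diff = false if defined?(Minitest::Assertions)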
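Review bot: The strscan require and the three encoding preload lines here are a verbatim copy of the ones in data/lib/unicorn-lockdown.rb, so the two preload lists can drift apart. If unveiler.rb is the test-time counterpart (the Minitest line below suggests so), a preload added only here would let tests pass under unveil while the server still lacks it. Consider moving the shared lines into one small file that both files load, e.g. `require_relative '<shared_preload_file>'` (placeholder name).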
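--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: unicorn-lockdown
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.3.0
 platform: ruby
 authors:
 - Jeremy Evans
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2024-05-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: pledge
@@ -138,7 +138,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
+rubygems_version: 3.5.9
 signing_key:
 specification_version: 4
 summary: Helper library for running Unicorn with fork+exec/unveil/pledge on OpenBSD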