unicorn-lockdown 1.2.0 → 1.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG +8 -0
- data/files/unicorn_lockdown_add.rb +0 -1
- data/lib/unicorn-lockdown.rb +6 -3
- data/lib/unveiler.rb +6 -3
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1d6578be3b39fdc48fdc0acaab810ef3029bc4e3f6484ecd3585d8dbf5b11d67
|
|
4
|
+
data.tar.gz: 6e7f7ceff3497829eb86504d03c2cf243a331ced69331da2c8d18ec518366ff9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 171877502073283aaefaf6724065ea3057dca70c6bc2e84363c093c57be916421b72d631b54e52aaed2ad4a332b31ac07d8560307efda170372458f4e7d27331
|
|
7
|
+
data.tar.gz: 357794d05df3022e0511b20db4dc72b6021e176b217b085959fdf8bce4eada097dca3a41c80576c312ddd54c640329decda5a6402a09b1d3481d4a4d4bbe9bdb
|
data/CHANGELOG
CHANGED
|
@@ -1,3 +1,11 @@
|
|
|
1
|
+
= 1.3.0 (2024-05-22)
|
|
2
|
+
|
|
3
|
+
* Eagerly require strscan to avoid issues if it is lazy loaded by rack's multipart parser (jeremyevans)
|
|
4
|
+
|
|
5
|
+
* Avoid string literal modifications to avoid warnings on Ruby 3.4 (jeremyevans)
|
|
6
|
+
|
|
7
|
+
* Remove X-XSS-Protection from generated nginx files, as MDN now recommends against it (jeremyevans)
|
|
8
|
+
|
|
1
9
|
= 1.2.0 (2022-11-16)
|
|
2
10
|
|
|
3
11
|
* Remove access_log format from generated nginx configurations (jeremyevans)
|
|
@@ -180,7 +180,6 @@ server {
|
|
|
180
180
|
proxy_redirect off;
|
|
181
181
|
add_header X-Content-Type-Options nosniff;
|
|
182
182
|
add_header X-Frame-Options deny;
|
|
183
|
-
add_header X-XSS-Protection "1; mode=block";
|
|
184
183
|
try_files $uri @#{app}_unicorn;
|
|
185
184
|
location @#{app}_unicorn {
|
|
186
185
|
proxy_pass http://#{app}_unicorn;
|
data/lib/unicorn-lockdown.rb
CHANGED
|
@@ -8,10 +8,13 @@
|
|
|
8
8
|
require 'pledge'
|
|
9
9
|
require 'unveil'
|
|
10
10
|
|
|
11
|
+
# Eagerly require strscan, lazily loaded by rack's multipart parser
|
|
12
|
+
require 'strscan'
|
|
13
|
+
|
|
11
14
|
# Load common encodings
|
|
12
|
-
"\255".force_encoding('ISO8859-1').encode('UTF-8')
|
|
13
|
-
''.force_encoding('UTF-16LE')
|
|
14
|
-
''.force_encoding('UTF-16BE')
|
|
15
|
+
"\255".dup.force_encoding('ISO8859-1').encode('UTF-8')
|
|
16
|
+
''.dup.force_encoding('UTF-16LE')
|
|
17
|
+
''.dup.force_encoding('UTF-16BE')
|
|
15
18
|
|
|
16
19
|
class Unicorn::HttpServer
|
|
17
20
|
# The file name in which to store request information.
|
data/lib/unveiler.rb
CHANGED
|
@@ -1,10 +1,13 @@
|
|
|
1
1
|
require 'pledge'
|
|
2
2
|
require 'unveil'
|
|
3
3
|
|
|
4
|
+
# Eagerly require strscan, lazily loaded by rack's multipart parser
|
|
5
|
+
require 'strscan'
|
|
6
|
+
|
|
4
7
|
# Load encodings
|
|
5
|
-
"\255".force_encoding('ISO8859-1').encode('UTF-8')
|
|
6
|
-
''.force_encoding('UTF-16LE')
|
|
7
|
-
''.force_encoding('UTF-16BE')
|
|
8
|
+
"\255".dup.force_encoding('ISO8859-1').encode('UTF-8')
|
|
9
|
+
''.dup.force_encoding('UTF-16LE')
|
|
10
|
+
''.dup.force_encoding('UTF-16BE')
|
|
8
11
|
|
|
9
12
|
# Don't run external diff program for failures
|
|
10
13
|
Minitest::Assertions.diff = false if defined?(Minitest::Assertions)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: unicorn-lockdown
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jeremy Evans
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2024-05-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: pledge
|
|
@@ -138,7 +138,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
138
138
|
- !ruby/object:Gem::Version
|
|
139
139
|
version: '0'
|
|
140
140
|
requirements: []
|
|
141
|
-
rubygems_version: 3.
|
|
141
|
+
rubygems_version: 3.5.9
|
|
142
142
|
signing_key:
|
|
143
143
|
specification_version: 4
|
|
144
144
|
summary: Helper library for running Unicorn with fork+exec/unveil/pledge on OpenBSD
|