RubyGems - web_package - Versions diffs - 0.3.0 → 0.4.0 - Mend

web_package 0.3.0 → 0.4.0

Files changed (6) hide show

checksums.yaml +4 -4
data/README.md +11 -33
data/lib/web_package/middleware.rb +2 -14
data/lib/web_package/settings.rb +6 -4
data/lib/web_package/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1ed6ee8b93f831a07db19a0d5417a95016249684b80e4bf4851734eafa981767
-  data.tar.gz: 56d44e9da44fccf0ec9930b5d3c413cd40c69804b8ece3f623efe708ce648ba6
+  metadata.gz: 80ac1fffcb44aa2fdd40358c5d994fddfa6c5eacf70727bf46c05e4271db6ed2
+  data.tar.gz: 89694162bad1fd4df6827e004f82a9a8b05bd7d849eff35a586dfcc5b6259eba
 SHA512:
-  metadata.gz: 6c4450c2b1516454768e88c3822a11c6a0ebbb586e23137d63057b567a9a848da0b9d2a23d37094ac6059b73cbd308d373f3522f892e8f2c139b9d695adbaa31
-  data.tar.gz: b18b853f8c241626688110dd57757b7dba2b1f3b762dfd0f17c54c530782429bebea6c1b737c029d9950110352c2431ba1ba1f130a9b4a4343fa6c7459de6879
+  metadata.gz: 6dd25a2fee108b1394acfe0a322ab27eb8864bbe29d1b59926be70f555a0a636c26f5a4a55928c3c31c7100c96c23cf831491f76d2f3e47883d5cc48e0f888ed
+  data.tar.gz: 0a87488d00d511656f2a815b4de505986f213fb0963de52ae33e3c4619b8773fcbe5a538f7d5481046665c9f0987f54586b2ece994863ce6945ad448f46cba90

data/README.md CHANGED Viewed

@@ -18,39 +18,17 @@ E.g.
 ```ruby
 # variables can be set all at once:
 WebPackage::Settings.merge! expires_in: ->(uri) { uri.path.start_with?('/news') ? 7.days : 1.day },
-                            filter: ->(env) { env['HTTP_HOST'].start_with?('amp') },
-                            sub_extension: '.html'
+                            filter: ->(env) { env['HTTP_ACCEPT'].include?('application/signed-exchange;v=b3') }
 # or individually via dot-methods:
 WebPackage::Settings.cert_url = 'https://my.cdn.com/cert.cbor'
 ```
-#### headers
-A `Hash`, representing html headers of SXG (outer) response.
-By default three headers are set: `Content-Type`, `Cache-Control`, `X-Content-Type-Options`.
-#### expires_in
-An `Integer` or a `Proc` evaluating to an `Integer` or an object responding to `to_i`. It sets the lifetime of signed exchange, in seconds.
-Default value is 7 days (604800 seconds), which is the maximum allowed by the standard. Please mind it when supplying your `Proc`.
-#### sub_extension
-A `String` or `nil`, representing an extension to use for proxying `.sxg` requests.
-Default value is `nil`, which means that `.sxg` extension is just removed from the path for the rest of Rack middlewares.
-#### filter
-A `Proc`, accepting a single argument of environment and returning boolean value. The filter determines for which requests `.sxg` formatted routes should be added.
-Default value is `->(env) { true }`, which means that all requests are permitted and hence can be processed in SXG format using `.sxg` extension.
-#### cert_url, cert_path, priv_path
-All three are `String`, pointing to a certificate with which all pages are to be signed:
-  - `cert_url` is the url of a certificate in `application/cert-chain+cbor` format
-  - `cert_path` and `priv_path` are two paths pointing at `pem` file and private key file respectively.
-These are the only parameters which do not have default values. An exception is raised if they are not set beforehand. Please refer below to the section of _Required variables_ on the ways to set them.
+| Parameter | Description  | Default value |
+|-----------|--------------|---------------|
+| *headers* | A `Hash`, representing html headers of SXG (outer) response. | `{ 'Content-Type' => 'application/signed-exchange;v=b3', 'Cache-Control' => 'no-transform', 'X-Content-Type-Options' => 'nosniff' }`|
+| *expires_in* | An `Integer` or a `Proc` evaluating to an `Integer` or an object responding to `to_i`. It sets the lifetime of signed exchange, in seconds.| `604800` (7 days), which is the maximum allowed by the standard. Please mind it when supplying your `Proc`.|
+| *filter* | A `Proc`, accepting a single argument of environment and returning boolean value. The filter determines for which requests an SXG format should be served. | `->(env) { env['HTTP_ACCEPT'].include?('application/signed-exchange') }`|
+| *cert_url, cert_path, priv_path* | All three are of `String` class, pointing to a certificate with which all pages are to be signed: <br>- `cert_url` is the url of a certificate in `application/cert-chain+cbor` format <br>- `cert_path` and `priv_path` are two paths pointing at `pem` file and private key file respectively. | These are the only parameters which do not have default values. An exception is raised if they are not set beforehand. Please refer below to the section of _Required variables_ on the ways to set them.|
 ### Required variables
@@ -74,7 +52,7 @@ WebPackage::Settings.cert_url = 'https://my.cdn.com/cert.cbor'
 ### Use it as a middleware
-`WebPackage::Middleware` can handle `.sxg`-format requests by wrapping the respective HTML contents into signed exchange response. For example the route `https://my.app.com/abc.sxg` will respond with signed contents for `https://my.app.com/abc`.
+`WebPackage::Middleware` wraps HTML responses for desired requests into signed exchange format.
 If you already have a Rack-based application (like Rails or Sinatra), than it is easy to incorporate an SXG proxy into its middleware stack.
@@ -89,7 +67,7 @@ And then plug the middleware in:
 config.middleware.insert 0, 'WebPackage::Middleware'
 ```
-That is it. Now all successful `.sxg` requests will be wrapped into signed exchanges.
+That is it. Now all successful requests with `Accept: application/signed-exchange` header will be wrapped into signed exchanges.
 #### Pure Rack app
 Imagine we have a simple web app:
@@ -106,12 +84,12 @@ gem 'web_package'
 use WebPackage::Middleware
 ```
-We are done. Start your app by running a command `rackup config.ru`. Now all supplimentary `.sxg` routes will be available just out of the box.<br>
+We are done. Start your app by running a command `rackup config.ru`.<br>
 As expected, visiting `http://localhost:9292/hello` will produce:
 ```html
 <h1>Hello world!</h1>
 ```
-What's more, visiting `http://localhost:9292/hello.sxg` will spit signed http exchange, containing original `<h1>Hello world!</h1>` HTML:
+What's more, visiting `http://localhost:9292/hello` with `Accept: application/signed-exchange` header will spit signed http exchange, containing original `<h1>Hello world!</h1>` HTML:
 ```text
 sxg1-b3\x00\x00\x1Chttps://localhost:9292/hello\x00\x019\x00\x00?label;cert-sha256=*+DoXYlCX+bFRyW65R3bFA2ICIz8Tyu54MLFUFo5tziA=*;cert-url=\"https://my.cdn.com/cert.cbor\";date=1557657274;expires=1558262074;integrity=\"digest/mi-sha256-03\";sig=*MEUCIAKKz+KSuhlzywfU12h3SkEq5ZuYYMxDZIgEDGYMd9sAAiEAj66Il48eb0CXFAnuZhnS+j6dqZVLJ6IwUVGWShhQu9g=*;validity-url=\"https://localhost/hello\"?FdigestX9mi-sha256-03=4QeUScOpSoJl7KJ47F11rSDHUTHZhDVwLiSLOWMcvqg=G:statusC200Pcontent-encodingLmi-sha256-03Vx-content-type-optionsGnosniff\x00\x00\x00\x00\x00\x00@\x00<h1>Hello world!</h1>
 ```

data/lib/web_package/middleware.rb CHANGED Viewed

@@ -1,5 +1,4 @@
 module WebPackage
-  SXG_EXT = '.sxg'.freeze
   SXG_FLAG = 'web_package.sxg'.freeze
   # A Rack-compatible middleware.
@@ -15,10 +14,9 @@ module WebPackage
     private
     def process(env)
-      env[SXG_FLAG] = true if substitute_sxg_extension!(env['PATH_INFO'])
+      env[SXG_FLAG] = true
       response = @app.call(env)
-      return response unless response[0] == 200 && env[SXG_FLAG]
+      return response if response[0] != 200
       # the original body must be closed first
       response[2].close if response[2].respond_to? :close
@@ -27,16 +25,6 @@ module WebPackage
       SignedHttpExchange.new(uri(env), response).to_rack_response
     end
-    def substitute_sxg_extension!(path)
-      return unless path.is_a?(String) && (i = path.rindex(SXG_EXT))
-      # check that extension is either the last char or followed by a slash
-      ch = path[i + SXG_EXT.size]
-      return if ch && ch != ?/
-      path[i, SXG_EXT.size] = Settings.sub_extension.to_s
-    end
     def uri(env)
       URI("https://#{env['HTTP_HOST'] || env['SERVER_NAME']}").tap do |u|
         path  = env['PATH_INFO']

data/lib/web_package/settings.rb CHANGED Viewed

@@ -1,13 +1,15 @@
 module WebPackage
-  OPTIONS = %i[headers expires_in sub_extension filter cert_url cert_path priv_path].freeze
-  ENV_KEYS = Set.new(%w[SXG_CERT_URL SXG_CERT_PATH SXG_PRIV_PATH]).freeze
+  OPTIONS       = %i[headers expires_in filter cert_url cert_path priv_path].freeze
+  ENV_KEYS      = Set.new(%w[SXG_CERT_URL SXG_CERT_PATH SXG_PRIV_PATH]).freeze
+  SXG_MIME_TYPE = 'application/signed-exchange'.freeze
+  ACCEPT_HEADER = 'HTTP_ACCEPT'.freeze
   DEFAULTS = {
     headers: { 'Content-Type'           => 'application/signed-exchange;v=b3',
                'Cache-Control'          => 'no-transform',
                'X-Content-Type-Options' => 'nosniff' },
     expires_in:    60 * 60 * 24 * 7, # 7.days
-    sub_extension: nil, # proxy as default format (html)
-    filter: ->(_env) { true } # all requests are permitted
+    filter: ->(env) { env[ACCEPT_HEADER].include?(SXG_MIME_TYPE) }
   }.freeze
   Settings = ConfigurationHash.new(OPTIONS) do |config, key|

data/lib/web_package/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module WebPackage
-  VERSION = '0.3.0'.freeze
+  VERSION = '0.4.0'.freeze
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: web_package
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Oleg Afanasyev
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-06-21 00:00:00.000000000 Z
+date: 2019-07-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rubocop