RubyGems - web_package - Versions diffs - 0.3.0 → 0.4.0 - Mend

web_package 0.3.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/README.md +11 -33
data/lib/web_package/middleware.rb +2 -14
data/lib/web_package/settings.rb +6 -4
data/lib/web_package/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1ed6ee8b93f831a07db19a0d5417a95016249684b80e4bf4851734eafa981767
-  data.tar.gz: 56d44e9da44fccf0ec9930b5d3c413cd40c69804b8ece3f623efe708ce648ba6
+  metadata.gz: 80ac1fffcb44aa2fdd40358c5d994fddfa6c5eacf70727bf46c05e4271db6ed2
+  data.tar.gz: 89694162bad1fd4df6827e004f82a9a8b05bd7d849eff35a586dfcc5b6259eba
 SHA512:
-  metadata.gz: 6c4450c2b1516454768e88c3822a11c6a0ebbb586e23137d63057b567a9a848da0b9d2a23d37094ac6059b73cbd308d373f3522f892e8f2c139b9d695adbaa31
-  data.tar.gz: b18b853f8c241626688110dd57757b7dba2b1f3b762dfd0f17c54c530782429bebea6c1b737c029d9950110352c2431ba1ba1f130a9b4a4343fa6c7459de6879
+  metadata.gz: 6dd25a2fee108b1394acfe0a322ab27eb8864bbe29d1b59926be70f555a0a636c26f5a4a55928c3c31c7100c96c23cf831491f76d2f3e47883d5cc48e0f888ed
+  data.tar.gz: 0a87488d00d511656f2a815b4de505986f213fb0963de52ae33e3c4619b8773fcbe5a538f7d5481046665c9f0987f54586b2ece994863ce6945ad448f46cba90

data/README.md CHANGED Viewed

@@ -18,39 +18,17 @@ E.g.
 ```ruby
 # variables can be set all at once:
 WebPackage::Settings.merge! expires_in: ->(uri) { uri.path.start_with?('/news') ? 7.days : 1.day },
-                            filter: ->(env) { env['HTTP_HOST'].start_with?('amp') },
-                            sub_extension: '.html'
+                            filter: ->(env) { env['HTTP_ACCEPT'].include?('application/signed-exchange;v=b3') }
 # or individually via dot-methods:
 WebPackage::Settings.cert_url = 'https://my.cdn.com/cert.cbor'
 ```
-#### headers
-A `Hash`, representing html headers of SXG (outer) response.
-By default three headers are set: `Content-Type`, `Cache-Control`, `X-Content-Type-Options`.
-#### expires_in
-An `Integer` or a `Proc` evaluating to an `Integer` or an object responding to `to_i`. It sets the lifetime of signed exchange, in seconds.
-Default value is 7 days (604800 seconds), which is the maximum allowed by the standard. Please mind it when supplying your `Proc`.
-#### sub_extension
-A `String` or `nil`, representing an extension to use for proxying `.sxg` requests.
-Default value is `nil`, which means that `.sxg` extension is just removed from the path for the rest of Rack middlewares.
-#### filter
-A `Proc`, accepting a single argument of environment and returning boolean value. The filter determines for which requests `.sxg` formatted routes should be added.
-Default value is `->(env) { true }`, which means that all requests are permitted and hence can be processed in SXG format using `.sxg` extension.
-#### cert_url, cert_path, priv_path
-All three are `String`, pointing to a certificate with which all pages are to be signed:
-  - `cert_url` is the url of a certificate in `application/cert-chain+cbor` format
-  - `cert_path` and `priv_path` are two paths pointing at `pem` file and private key file respectively.
-These are the only parameters which do not have default values. An exception is raised if they are not set beforehand. Please refer below to the section of _Required variables_ on the ways to set them.
+| Parameter | Description  | Default value |
+|-----------|--------------|---------------|
+| *headers* | A `Hash`, representing html headers of SXG (outer) response. | `{ 'Content-Type' => 'application/signed-exchange;v=b3', 'Cache-Control' => 'no-transform', 'X-Content-Type-Options' => 'nosniff' }`|
+| *expires_in* | An `Integer` or a `Proc` evaluating to an `Integer` or an object responding to `to_i`. It sets the lifetime of signed exchange, in seconds.| `604800` (7 days), which is the maximum allowed by the standard. Please mind it when supplying your `Proc`.|
+| *filter* | A `Proc`, accepting a single argument of environment and returning boolean value. The filter determines for which requests an SXG format should be served. | `->(env) { env['HTTP_ACCEPT'].include?('application/signed-exchange') }`|
+| *cert_url, cert_path, priv_path* | All three are of `String` class, pointing to a certificate with which all pages are to be signed: <br>- `cert_url` is the url of a certificate in `application/cert-chain+cbor` format <br>- `cert_path` and `priv_path` are two paths pointing at `pem` file and private key file respectively. | These are the only parameters which do not have default values. An exception is raised if they are not set beforehand. Please refer below to the section of _Required variables_ on the ways to set them.|
 ### Required variables
@@ -74,7 +52,7 @@ WebPackage::Settings.cert_url = 'https://my.cdn.com/cert.cbor'
 ### Use it as a middleware
-`WebPackage::Middleware` can handle `.sxg`-format requests by wrapping the respective HTML contents into signed exchange response. For example the route `https://my.app.com/abc.sxg` will respond with signed contents for `https://my.app.com/abc`.
+`WebPackage::Middleware` wraps HTML responses for desired requests into signed exchange format.
 If you already have a Rack-based application (like Rails or Sinatra), than it is easy to incorporate an SXG proxy into its middleware stack.
@@ -89,7 +67,7 @@ And then plug the middleware in:
 config.middleware.insert 0, 'WebPackage::Middleware'
 ```
-That is it. Now all successful `.sxg` requests will be wrapped into signed exchanges.
+That is it. Now all successful requests with `Accept: application/signed-exchange` header will be wrapped into signed exchanges.
 #### Pure Rack app
 Imagine we have a simple web app:
@@ -106,12 +84,12 @@ gem 'web_package'
 use WebPackage::Middleware
 ```
-We are done. Start your app by running a command `rackup config.ru`. Now all supplimentary `.sxg` routes will be available just out of the box.<br>
+We are done. Start your app by running a command `rackup config.ru`.<br>
 As expected, visiting `http://localhost:9292/hello` will produce:
 ```html
 <h1>Hello world!</h1>
 ```
-What's more, visiting `http://localhost:9292/hello.sxg` will spit signed http exchange, containing original `<h1>Hello world!</h1>` HTML:
+What's more, visiting `http://localhost:9292/hello` with `Accept: application/signed-exchange` header will spit signed http exchange, containing original `<h1>Hello world!</h1>` HTML:
 ```text
 sxg1-b3\x00\x00\x1Chttps://localhost:9292/hello\x00\x019\x00\x00?label;cert-sha256=*+DoXYlCX+bFRyW65R3bFA2ICIz8Tyu54MLFUFo5tziA=*;cert-url=\"https://my.cdn.com/cert.cbor\";date=1557657274;expires=1558262074;integrity=\"digest/mi-sha256-03\";sig=*MEUCIAKKz+KSuhlzywfU12h3SkEq5ZuYYMxDZIgEDGYMd9sAAiEAj66Il48eb0CXFAnuZhnS+j6dqZVLJ6IwUVGWShhQu9g=*;validity-url=\"https://localhost/hello\"?FdigestX9mi-sha256-03=4QeUScOpSoJl7KJ47F11rSDHUTHZhDVwLiSLOWMcvqg=G:statusC200Pcontent-encodingLmi-sha256-03Vx-content-type-optionsGnosniff\x00\x00\x00\x00\x00\x00@\x00<h1>Hello world!</h1>
 ```

data/lib/web_package/middleware.rb CHANGED Viewed

@@ -1,5 +1,4 @@
 module WebPackage
-  SXG_EXT = '.sxg'.freeze
   SXG_FLAG = 'web_package.sxg'.freeze
   # A Rack-compatible middleware.
@@ -15,10 +14,9 @@ module WebPackage
     private
     def process(env)
-      env[SXG_FLAG] = true if substitute_sxg_extension!(env['PATH_INFO'])
+      env[SXG_FLAG] = true
       response = @app.call(env)
-      return response unless response[0] == 200 && env[SXG_FLAG]
+      return response if response[0] != 200
       # the original body must be closed first
       response[2].close if response[2].respond_to? :close
@@ -27,16 +25,6 @@ module WebPackage
       SignedHttpExchange.new(uri(env), response).to_rack_response
     end
-    def substitute_sxg_extension!(path)
-      return unless path.is_a?(String) && (i = path.rindex(SXG_EXT))
-      # check that extension is either the last char or followed by a slash
-      ch = path[i + SXG_EXT.size]
-      return if ch && ch != ?/
-      path[i, SXG_EXT.size] = Settings.sub_extension.to_s
-    end
     def uri(env)
       URI("https://#{env['HTTP_HOST'] || env['SERVER_NAME']}").tap do |u|
         path  = env['PATH_INFO']

data/lib/web_package/settings.rb CHANGED Viewed

@@ -1,13 +1,15 @@
 module WebPackage
-  OPTIONS = %i[headers expires_in sub_extension filter cert_url cert_path priv_path].freeze
-  ENV_KEYS = Set.new(%w[SXG_CERT_URL SXG_CERT_PATH SXG_PRIV_PATH]).freeze
+  OPTIONS       = %i[headers expires_in filter cert_url cert_path priv_path].freeze
+  ENV_KEYS      = Set.new(%w[SXG_CERT_URL SXG_CERT_PATH SXG_PRIV_PATH]).freeze
+  SXG_MIME_TYPE = 'application/signed-exchange'.freeze
+  ACCEPT_HEADER = 'HTTP_ACCEPT'.freeze
   DEFAULTS = {
     headers: { 'Content-Type'           => 'application/signed-exchange;v=b3',
                'Cache-Control'          => 'no-transform',
                'X-Content-Type-Options' => 'nosniff' },
     expires_in:    60 * 60 * 24 * 7, # 7.days
-    sub_extension: nil, # proxy as default format (html)
-    filter: ->(_env) { true } # all requests are permitted
+    filter: ->(env) { env[ACCEPT_HEADER].include?(SXG_MIME_TYPE) }
   }.freeze
   Settings = ConfigurationHash.new(OPTIONS) do |config, key|

data/lib/web_package/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module WebPackage
-  VERSION = '0.3.0'.freeze
+  VERSION = '0.4.0'.freeze
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: web_package
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Oleg Afanasyev
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-06-21 00:00:00.000000000 Z
+date: 2019-07-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rubocop