├── .gitignore ├── .rspec ├── .travis.yml ├── .yardopts ├── CODEOWNERS ├── ChangeLog.md ├── Gemfile ├── LICENSE.txt ├── README.md ├── Rakefile ├── http-security.gemspec ├── lib └── http │ ├── security.rb │ └── security │ ├── exceptions.rb │ ├── headers.rb │ ├── headers │ ├── cache_control.rb │ ├── content_security_policy.rb │ ├── content_security_policy_report_only.rb │ ├── pragma.rb │ ├── public_key_pins.rb │ ├── public_key_pins_report_only.rb │ ├── set_cookie.rb │ ├── strict_transport_security.rb │ ├── x_content_type_options.rb │ ├── x_frame_options.rb │ ├── x_permitted_cross_domain_policies.rb │ └── x_xss_protection.rb │ ├── http_date.rb │ ├── malformed_header.rb │ ├── parsers.rb │ ├── parsers │ ├── cache_control.rb │ ├── content_security_policy.rb │ ├── content_security_policy_report_only.rb │ ├── expires.rb │ ├── parser.rb │ ├── pragma.rb │ ├── public_key_pins.rb │ ├── public_key_pins_report_only.rb │ ├── set_cookie.rb │ ├── strict_transport_security.rb │ ├── x_content_type_options.rb │ ├── x_frame_options.rb │ ├── x_permitted_cross_domain_policies.rb │ └── x_xss_protection.rb │ ├── response.rb │ └── version.rb ├── spec ├── data │ └── alexa.csv ├── headers │ ├── cache_control_spec.rb │ ├── content_security_policy_spec.rb │ ├── pragma_spec.rb │ ├── public_key_pins_spec.rb │ ├── set_cookie_spec.rb │ ├── strict_transport_security_spec.rb │ ├── x_content_type_options_spec.rb │ ├── x_frame_options_spec.rb │ ├── x_permitted_cross_domain_policies_spec.rb │ └── x_xss_protection_spec.rb ├── malformed_header.rb ├── parsers │ ├── cache_control_spec.rb │ ├── content_security_policy_report_only_spec.rb │ ├── content_security_policy_spec.rb │ ├── expires_spec.rb │ ├── parser_spec.rb │ ├── pragma_spec.rb │ ├── public_key_pins_spec.rb │ ├── set_cookie_spec.rb │ ├── strict_transport_security_spec.rb │ ├── x_content_type_options_spec.rb │ ├── x_frame_options_spec.rb │ ├── x_permitted_cross_domain_policies_spec.rb │ └── x_xss_protection_spec.rb ├── response_spec.rb └── spec_helper.rb └── tasks └── alexa.rb /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/.gitignore -------------------------------------------------------------------------------- /.rspec: -------------------------------------------------------------------------------- 1 | --colour --format documentation 2 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/.travis.yml -------------------------------------------------------------------------------- /.yardopts: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/.yardopts -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @kaoudis @woodruffw 2 | -------------------------------------------------------------------------------- /ChangeLog.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/ChangeLog.md -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/Gemfile -------------------------------------------------------------------------------- /LICENSE.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/LICENSE.txt -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/README.md -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/Rakefile -------------------------------------------------------------------------------- /http-security.gemspec: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/http-security.gemspec -------------------------------------------------------------------------------- /lib/http/security.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security.rb -------------------------------------------------------------------------------- /lib/http/security/exceptions.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/exceptions.rb -------------------------------------------------------------------------------- /lib/http/security/headers.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/headers.rb -------------------------------------------------------------------------------- /lib/http/security/headers/cache_control.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/headers/cache_control.rb -------------------------------------------------------------------------------- /lib/http/security/headers/content_security_policy.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/headers/content_security_policy.rb -------------------------------------------------------------------------------- /lib/http/security/headers/content_security_policy_report_only.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/headers/content_security_policy_report_only.rb -------------------------------------------------------------------------------- /lib/http/security/headers/pragma.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/headers/pragma.rb -------------------------------------------------------------------------------- /lib/http/security/headers/public_key_pins.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/headers/public_key_pins.rb -------------------------------------------------------------------------------- /lib/http/security/headers/public_key_pins_report_only.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/headers/public_key_pins_report_only.rb -------------------------------------------------------------------------------- /lib/http/security/headers/set_cookie.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/headers/set_cookie.rb -------------------------------------------------------------------------------- /lib/http/security/headers/strict_transport_security.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/headers/strict_transport_security.rb -------------------------------------------------------------------------------- /lib/http/security/headers/x_content_type_options.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/headers/x_content_type_options.rb -------------------------------------------------------------------------------- /lib/http/security/headers/x_frame_options.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/headers/x_frame_options.rb -------------------------------------------------------------------------------- /lib/http/security/headers/x_permitted_cross_domain_policies.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/headers/x_permitted_cross_domain_policies.rb -------------------------------------------------------------------------------- /lib/http/security/headers/x_xss_protection.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/headers/x_xss_protection.rb -------------------------------------------------------------------------------- /lib/http/security/http_date.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/http_date.rb -------------------------------------------------------------------------------- /lib/http/security/malformed_header.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/malformed_header.rb -------------------------------------------------------------------------------- /lib/http/security/parsers.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/parsers.rb -------------------------------------------------------------------------------- /lib/http/security/parsers/cache_control.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/parsers/cache_control.rb -------------------------------------------------------------------------------- /lib/http/security/parsers/content_security_policy.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/parsers/content_security_policy.rb -------------------------------------------------------------------------------- /lib/http/security/parsers/content_security_policy_report_only.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/parsers/content_security_policy_report_only.rb -------------------------------------------------------------------------------- /lib/http/security/parsers/expires.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/parsers/expires.rb -------------------------------------------------------------------------------- /lib/http/security/parsers/parser.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/parsers/parser.rb -------------------------------------------------------------------------------- /lib/http/security/parsers/pragma.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/parsers/pragma.rb -------------------------------------------------------------------------------- /lib/http/security/parsers/public_key_pins.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/parsers/public_key_pins.rb -------------------------------------------------------------------------------- /lib/http/security/parsers/public_key_pins_report_only.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/parsers/public_key_pins_report_only.rb -------------------------------------------------------------------------------- /lib/http/security/parsers/set_cookie.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/parsers/set_cookie.rb -------------------------------------------------------------------------------- /lib/http/security/parsers/strict_transport_security.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/parsers/strict_transport_security.rb -------------------------------------------------------------------------------- /lib/http/security/parsers/x_content_type_options.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/parsers/x_content_type_options.rb -------------------------------------------------------------------------------- /lib/http/security/parsers/x_frame_options.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/parsers/x_frame_options.rb -------------------------------------------------------------------------------- /lib/http/security/parsers/x_permitted_cross_domain_policies.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/parsers/x_permitted_cross_domain_policies.rb -------------------------------------------------------------------------------- /lib/http/security/parsers/x_xss_protection.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/parsers/x_xss_protection.rb -------------------------------------------------------------------------------- /lib/http/security/response.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/response.rb -------------------------------------------------------------------------------- /lib/http/security/version.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/lib/http/security/version.rb -------------------------------------------------------------------------------- /spec/data/alexa.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/data/alexa.csv -------------------------------------------------------------------------------- /spec/headers/cache_control_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/headers/cache_control_spec.rb -------------------------------------------------------------------------------- /spec/headers/content_security_policy_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/headers/content_security_policy_spec.rb -------------------------------------------------------------------------------- /spec/headers/pragma_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/headers/pragma_spec.rb -------------------------------------------------------------------------------- /spec/headers/public_key_pins_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/headers/public_key_pins_spec.rb -------------------------------------------------------------------------------- /spec/headers/set_cookie_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/headers/set_cookie_spec.rb -------------------------------------------------------------------------------- /spec/headers/strict_transport_security_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/headers/strict_transport_security_spec.rb -------------------------------------------------------------------------------- /spec/headers/x_content_type_options_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/headers/x_content_type_options_spec.rb -------------------------------------------------------------------------------- /spec/headers/x_frame_options_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/headers/x_frame_options_spec.rb -------------------------------------------------------------------------------- /spec/headers/x_permitted_cross_domain_policies_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/headers/x_permitted_cross_domain_policies_spec.rb -------------------------------------------------------------------------------- /spec/headers/x_xss_protection_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/headers/x_xss_protection_spec.rb -------------------------------------------------------------------------------- /spec/malformed_header.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/malformed_header.rb -------------------------------------------------------------------------------- /spec/parsers/cache_control_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/parsers/cache_control_spec.rb -------------------------------------------------------------------------------- /spec/parsers/content_security_policy_report_only_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/parsers/content_security_policy_report_only_spec.rb -------------------------------------------------------------------------------- /spec/parsers/content_security_policy_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/parsers/content_security_policy_spec.rb -------------------------------------------------------------------------------- /spec/parsers/expires_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/parsers/expires_spec.rb -------------------------------------------------------------------------------- /spec/parsers/parser_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/parsers/parser_spec.rb -------------------------------------------------------------------------------- /spec/parsers/pragma_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/parsers/pragma_spec.rb -------------------------------------------------------------------------------- /spec/parsers/public_key_pins_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/parsers/public_key_pins_spec.rb -------------------------------------------------------------------------------- /spec/parsers/set_cookie_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/parsers/set_cookie_spec.rb -------------------------------------------------------------------------------- /spec/parsers/strict_transport_security_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/parsers/strict_transport_security_spec.rb -------------------------------------------------------------------------------- /spec/parsers/x_content_type_options_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/parsers/x_content_type_options_spec.rb -------------------------------------------------------------------------------- /spec/parsers/x_frame_options_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/parsers/x_frame_options_spec.rb -------------------------------------------------------------------------------- /spec/parsers/x_permitted_cross_domain_policies_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/parsers/x_permitted_cross_domain_policies_spec.rb -------------------------------------------------------------------------------- /spec/parsers/x_xss_protection_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/parsers/x_xss_protection_spec.rb -------------------------------------------------------------------------------- /spec/response_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/response_spec.rb -------------------------------------------------------------------------------- /spec/spec_helper.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/spec/spec_helper.rb -------------------------------------------------------------------------------- /tasks/alexa.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/trailofbits/http-security/HEAD/tasks/alexa.rb --------------------------------------------------------------------------------