Merge pull request #1608 from ontohub/update_gems
Update gems
eugenk committed Mar 7, 2016
2 parents bfa422f + d8b8f27 commit df66867
Showing 5 changed files with 43 additions and 49 deletions.
8 changes: 6 additions & 2 deletions Gemfile
Expand Up @@ -2,7 +2,7 @@ source 'https://rubygems.org'

gem 'rails', '~> 3.2.22'
gem 'rack-protection', '~> 1.5.3'
gem 'secure_headers', '~> 2.5.1'
gem 'secure_headers', '~> 3.0.3'

gem 'rack-mini-profiler', require: false

Expand Down Expand Up @@ -145,7 +145,11 @@ group :test do
gem 'poltergeist', '~> 1.8.0'
gem 'launchy', '~> 2.4.3'

gem 'cucumber-rails', '~> 1.4', require: false
gem 'cucumber-rails', '~> 1.4.2', require: false
# Versions >= 2.0 are not supported by our formatter.
# This is a dependency of cucumber-rails. We need to limit the version to 1.x
gem 'cucumber', '~> 1.3', require: false

# Code Coverage Analysis
gem 'simplecov', '~> 0.11.0', require: false

72 changes: 36 additions & 36 deletions Gemfile.lock
Expand Up @@ -84,10 +84,9 @@ GEM
addressable (2.3.8)
ansi (1.5.0)
arel (3.0.3)
autoprefixer-rails (6.3.1)
autoprefixer-rails (6.3.3.1)
execjs
json
bcrypt (3.1.10)
bcrypt (3.1.11)
better_errors (2.1.1)
coderay (>= 1.0.0)
erubis (>= 2.6.6)
Expand All @@ -99,7 +98,7 @@ GEM
sass (>= 3.3.0)
bootstrap-select-rails (1.6.3)
builder (3.0.4)
byebug (8.2.1)
byebug (8.2.2)
cancan (1.6.10)
capistrano (3.4.0)
i18n
Expand All @@ -108,7 +107,7 @@ GEM
capistrano-bundler (1.1.4)
capistrano (~> 3.1)
sshkit (~> 1.2)
capistrano-rails (1.1.5)
capistrano-rails (1.1.6)
capistrano (~> 3.1)
capistrano-bundler (~> 1.1)
capistrano-rvm (0.1.2)
Expand All @@ -120,7 +119,7 @@ GEM
rack (>= 1.0.0)
rack-test (>= 0.5.4)
xpath (~> 2.0)
celluloid (0.17.2)
celluloid (0.17.3)
celluloid-essentials
celluloid-extras
celluloid-fsm
Expand All @@ -133,7 +132,7 @@ GEM
timers (>= 4.1.1)
celluloid-fsm (0.20.5)
timers (>= 4.1.1)
celluloid-io (0.17.2)
celluloid-io (0.17.3)
celluloid (>= 0.17.2)
nio4r (>= 1.1)
timers (>= 4.1.1)
Expand All @@ -144,7 +143,7 @@ GEM
choice (0.2.0)
chunky_png (1.3.5)
cliver (0.3.2)
coderay (1.1.0)
coderay (1.1.1)
coffee-rails (3.2.2)
coffee-script (>= 2.2.0)
railties (~> 3.2.0)
Expand Down Expand Up @@ -173,21 +172,21 @@ GEM
gherkin (~> 2.12)
multi_json (>= 1.7.5, < 2.0)
multi_test (>= 0.1.2)
cucumber-rails (1.4.2)
cucumber-rails (1.4.3)
capybara (>= 1.1.2, < 3)
cucumber (>= 1.3.8, < 2)
mime-types (>= 1.16, < 3)
cucumber (>= 1.3.8, < 3)
mime-types (>= 1.16, < 4)
nokogiri (~> 1.5)
rails (>= 3, < 5)
d3_rails (3.5.11)
railties (>= 3, < 5)
d3_rails (3.5.16)
railties (>= 3.1.0)
dagnabit (3.0.1)
activerecord (>= 2.3.0)
data_migrate (1.2.0)
rails (>= 3.0.0)
database_cleaner (1.5.1)
debug_inspector (0.0.2)
devise (3.5.5)
devise (3.5.6)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 3.2.6, < 5)
Expand All @@ -196,7 +195,7 @@ GEM
warden (~> 1.2.3)
diff-lcs (1.2.5)
docile (1.1.5)
domain_name (0.5.25)
domain_name (0.5.20160216)
unf (>= 0.0.5, < 1.0.0)
dotenv (1.0.2)
easy_translate (0.5.0)
Expand Down Expand Up @@ -233,14 +232,14 @@ GEM
sigar (~> 0.7.3)
state_machine
thor
facter (2.4.4)
facter (2.4.6)
CFPropertyList (~> 2.2.6)
factory_girl (4.5.0)
activesupport (>= 3.0.0)
factory_girl_rails (4.5.0)
factory_girl (~> 4.5.0)
railties (>= 3.0.0)
faker (1.6.1)
faker (1.6.3)
i18n (~> 0.5)
faraday (0.9.2)
multipart-post (>= 1.2, < 3)
Expand Down Expand Up @@ -272,7 +271,7 @@ GEM
has_scope (0.6.0)
actionpack (>= 3.2, < 5)
activesupport (>= 3.2, < 5)
hashdiff (0.2.3)
hashdiff (0.3.0)
hashie (3.4.3)
highline (1.7.8)
hike (1.2.3)
Expand Down Expand Up @@ -316,7 +315,7 @@ GEM
jquery-ui-rails (5.0.5)
railties (>= 3.2.16)
json (1.8.3)
json-schema (2.6.0)
json-schema (2.6.1)
addressable (~> 2.3.8)
json-stream (0.2.1)
kaminari (0.16.3)
Expand Down Expand Up @@ -347,7 +346,7 @@ GEM
net-ssh (>= 2.6.5)
net-ssh (3.0.2)
netrc (0.11.0)
nio4r (1.2.0)
nio4r (1.2.1)
nokogiri (1.6.7.2)
mini_portile2 (~> 2.0.0.rc2)
options (2.3.2)
Expand All @@ -371,14 +370,14 @@ GEM
pry (~> 0.10)
pry-rails (0.3.4)
pry (>= 0.9.10)
puma (2.15.3)
puma (3.1.0)
quiet_assets (1.1.0)
railties (>= 3.1, < 5.0)
rack (1.4.7)
rack-cache (1.6.1)
rack (>= 0.4)
rack-mini-profiler (0.9.8)
rack (>= 1.1.3)
rack-mini-profiler (0.9.9.2)
rack (>= 1.2.0)
rack-protection (1.5.3)
rack
rack-ssl (1.3.4)
Expand All @@ -393,7 +392,7 @@ GEM
activesupport (= 3.2.22.2)
bundler (~> 1.0)
railties (= 3.2.22.2)
rails-erd (1.4.5)
rails-erd (1.4.6)
activerecord (>= 3.2)
activesupport (>= 3.2)
choice (~> 0.2.0)
Expand All @@ -405,10 +404,10 @@ GEM
rake (>= 0.8.7)
rdoc (~> 3.4)
thor (>= 0.14.6, < 2.0)
rainbow (2.0.0)
rainbow (2.1.0)
rake (10.5.0)
rb-fsevent (0.9.7)
rb-inotify (0.9.5)
rb-inotify (0.9.7)
ffi (>= 0.5.0)
rdf (1.99.1)
link_header (~> 0.0, >= 0.0.8)
Expand Down Expand Up @@ -444,7 +443,7 @@ GEM
http-cookie (>= 1.0.2, < 2.0)
mime-types (>= 1.16, < 3.0)
netrc (~> 0.7)
rspec-activemodel-mocks (1.0.2)
rspec-activemodel-mocks (1.0.3)
activemodel (>= 3.0)
activesupport (>= 3.0)
rspec-mocks (>= 2.99, < 4.0)
Expand Down Expand Up @@ -477,8 +476,8 @@ GEM
railties (~> 3.2.0)
sass (>= 3.1.10)
tilt (~> 1.3)
secure_headers (2.5.1)
user_agent_parser
secure_headers (3.0.3)
useragent
shoulda (3.5.0)
shoulda-context (~> 1.0, >= 1.0.1)
shoulda-matchers (>= 1.4.1, < 3.0)
Expand All @@ -500,7 +499,7 @@ GEM
simple_form (2.1.3)
actionpack (~> 3.0)
activemodel (~> 3.0)
simplecov (0.11.1)
simplecov (0.11.2)
docile (~> 1.1.0)
json (~> 1.8)
simplecov-html (~> 0.10.0)
Expand Down Expand Up @@ -534,7 +533,7 @@ GEM
tilt (1.4.1)
timers (4.1.1)
hitimes
tins (1.8.1)
tins (1.8.2)
treetop (1.4.15)
polyglot
polyglot (>= 0.3.1)
Expand All @@ -545,12 +544,12 @@ GEM
underscore-rails (1.8.3)
unf (0.1.4)
unf_ext
unf_ext (0.0.7.1)
user_agent_parser (2.3.0)
unf_ext (0.0.7.2)
useragent (0.16.5)
uuid (2.3.8)
macaddr (~> 1.0)
vcr (3.0.1)
warden (1.2.4)
warden (1.2.6)
rack (>= 1.0)
webmock (1.22.6)
addressable (>= 2.3.6)
Expand Down Expand Up @@ -582,7 +581,8 @@ DEPENDENCIES
codemirror-rails!
coffee-rails (~> 3.2.2)
compass (~> 1.0.3)
cucumber-rails (~> 1.4)
cucumber (~> 1.3)
cucumber-rails (~> 1.4.2)
d3_rails (~> 3.5.6)
dagnabit (~> 3.0.1)
data_migrate (~> 1.2.0)
Expand Down Expand Up @@ -641,7 +641,7 @@ DEPENDENCIES
ruby-graphviz (~> 1.2.2)
rugged (~> 0.23.2)
sass-rails (~> 3.2.6)
secure_headers (~> 2.5.1)
secure_headers (~> 3.0.3)
shoulda (~> 3.5.0)
shoulda_routing_macros (~> 0.1.2)
sidekiq (~> 3.5.3)
1 change: 0 additions & 1 deletion app/controllers/application_controller.rb
Expand Up @@ -7,7 +7,6 @@ class ApplicationController < ActionController::Base
end

protect_from_forgery
ensure_security_headers

include Pagination
include PathHelpers
3 changes: 1 addition & 2 deletions config/initializers/security_headers.rb
@@ -1,5 +1,5 @@
::SecureHeaders::Configuration.default do |config|
config.hsts = 'max_age=99; include_subdomains=true'
config.hsts = 'max-age=99; includeSubdomains'
config.x_frame_options = 'DENY'
config.x_content_type_options = 'nosniff'
config.x_xss_protection = '1; mode=block'
Expand All @@ -16,6 +16,5 @@
media_src: %w('self'),
object_src: %w('self'),
child_src: %w('self'),
disable_chrome_extension: true,
}
end
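Review bot: The HSTS value on the new `config.hsts` line keeps `max-age=99`, so a browser drops the policy 99 seconds after the last response and the header gives almost no protection on a later visit over plain HTTP. Once HTTPS is confirmed to work on every subdomain, a long lifetime such as `config.hsts = 'max-age=31536000; includeSubdomains'` is the usual setting. The same commit removes the `ensure_security_headers` call and the CSP header assertions in spec/controllers/home_controller_spec.rb, so after this major-version upgrade nothing in the visible changes checks that the headers are still emitted; a controller spec asserting `response.headers['Strict-Transport-Security']` and the CSP header would cover that. The CSP hash begins outside the second hunk, so its remaining directives are not reviewed here.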
8 changes: 0 additions & 8 deletions spec/controllers/home_controller_spec.rb
@@ -1,18 +1,10 @@
require 'spec_helper'

describe HomeController do

describe "show" do
before { get :show }
it { should respond_with :success }
it { should render_template :show }

describe 'csp headers' do
subject{ response.headers["Content-Security-Policy-Report-Only"] }
it{ should include "style-src 'self' 'unsafe-inline';" }
it{ should include "script-src 'self';" }
it{ should include "default-src 'self';" }
end
end

context 'on GET to index' do
