Public: Generate a Expect-CT header.
Returns nil if not configured, returns header name and value if configured.
# File lib/secure_headers/headers/expect_certificate_transparency.rb, line 18 def make_header(config) return if config.nil? header = new(config) [HEADER_NAME, header.value] end
# File lib/secure_headers/headers/expect_certificate_transparency.rb, line 41 def initialize(config) @enforced = config.fetch(:enforce, nil) @max_age = config.fetch(:max_age, nil) @report_uri = config.fetch(:report_uri, nil) end
# File lib/secure_headers/headers/expect_certificate_transparency.rb, line 25 def validate_config!(config) return if config.nil? || config == OPT_OUT raise ExpectCertificateTransparencyConfigError.new(INVALID_CONFIGURATION_ERROR) unless config.is_a? Hash unless [true, false, nil].include?(config[:enforce]) raise ExpectCertificateTransparencyConfigError.new(INVALID_ENFORCE_VALUE_ERROR) end if !config[:max_age] raise ExpectCertificateTransparencyConfigError.new(REQUIRED_MAX_AGE_ERROR) elsif config[:max_age].to_s !~ /\A\d+\z/ raise ExpectCertificateTransparencyConfigError.new(INVALID_MAX_AGE_ERROR) end end
# File lib/secure_headers/headers/expect_certificate_transparency.rb, line 55 def enforced_directive # Unfortunately `if @enforced` isn't enough here in case someone # passes in a random string so let's be specific with it to prevent # accidental enforcement. "enforce" if @enforced == true end
# File lib/secure_headers/headers/expect_certificate_transparency.rb, line 62 def max_age_directive "max-age=#{@max_age}" if @max_age end
# File lib/secure_headers/headers/expect_certificate_transparency.rb, line 66 def report_uri_directive "report-uri=\"#{@report_uri}\"" if @report_uri end
# File lib/secure_headers/headers/expect_certificate_transparency.rb, line 47 def value [ enforced_directive, max_age_directive, report_uri_directive ].compact.join(", ").strip end