class SecureHeaders::ExpectCertificateTransparency

Constants

HEADER_NAME
INVALID_CONFIGURATION_ERROR
INVALID_ENFORCE_VALUE_ERROR
INVALID_MAX_AGE_ERROR
REQUIRED_MAX_AGE_ERROR

Public Class Methods

make_header(config, use_agent = nil)

Public: Generate an Expect-CT header.

Returns nil if not configured, returns header name and value if configured.

# File lib/secure_headers/headers/expect_certificate_transparency.rb, line 17
# Public: Build the Expect-CT header pair for a configuration.
#
# config    - nil, OPT_OUT, or a configuration object handed to `new`.
# use_agent - accepted for the caller's sake but never read in this method.
#
# Returns nil when config is nil or equals OPT_OUT; otherwise a two-element
# Array holding HEADER_NAME and the generated header value.
#
# NOTE(review): Expect-CT is deprecated in current browsers; treat this
# header as legacy and confirm it is still wanted before relying on it.
# NOTE(review): validate_config! is not invoked here, so the config is used
# as given - presumably it was validated earlier; confirm against the caller.
def make_header(config, use_agent = nil)
  unconfigured = config.nil? || config == OPT_OUT
  return if unconfigured

  [HEADER_NAME, new(config).value]
end
new(config)
# File lib/secure_headers/headers/expect_certificate_transparency.rb, line 40
# Capture the three Expect-CT settings from the configuration.
#
# config - object responding to `fetch`; the :enforce, :max_age and
#          :report_uri entries are read, each defaulting to nil when absent.
#
# No validation happens here: the values are stored exactly as supplied.
def initialize(config)
  @enforced, @max_age, @report_uri =
    %i[enforce max_age report_uri].map { |key| config.fetch(key, nil) }
end
validate_config!(config)
# File lib/secure_headers/headers/expect_certificate_transparency.rb, line 24
# Check an Expect-CT configuration and raise on the first problem found.
#
# config - nil or OPT_OUT (both accepted without further checks), or a Hash.
#
# Returns nil when the configuration is acceptable.
# Raises ExpectCertificateTransparencyConfigError when config is not a Hash,
# when :enforce is anything other than true, false or nil, when :max_age is
# missing or falsy, or when :max_age is not made up solely of digits.
#
# NOTE(review): :report_uri is not inspected by this method, so whatever is
# configured there reaches the header value unchecked.
def validate_config!(config)
  return if config.nil? || config == OPT_OUT

  unless config.is_a?(Hash)
    raise ExpectCertificateTransparencyConfigError, INVALID_CONFIGURATION_ERROR
  end

  # Strict membership test: truthy values such as "true" are rejected.
  enforce_ok = [true, false, nil].include?(config[:enforce])
  raise ExpectCertificateTransparencyConfigError, INVALID_ENFORCE_VALUE_ERROR unless enforce_ok

  max_age = config[:max_age]
  raise ExpectCertificateTransparencyConfigError, REQUIRED_MAX_AGE_ERROR unless max_age

  # \A and \z anchor the whole string, so a trailing newline or any other
  # non-digit character fails the check.
  digits_only = max_age.to_s.match?(/\A\d+\z/)
  raise ExpectCertificateTransparencyConfigError, INVALID_MAX_AGE_ERROR unless digits_only
end

Public Instance Methods

enforced_directive()
# File lib/secure_headers/headers/expect_certificate_transparency.rb, line 54
# Directive that switches the policy to enforcement.
#
# Returns "enforce" only when @enforced is exactly true, otherwise nil.
def enforced_directive
  # Truthiness is deliberately not enough: an arbitrary string or other
  # truthy value in the config must never turn enforcement on by accident.
  return unless @enforced == true

  "enforce"
end
max_age_directive()
# File lib/secure_headers/headers/expect_certificate_transparency.rb, line 61
# Directive carrying the max-age setting.
#
# Returns "max-age=<value>" when @max_age is truthy, otherwise nil. The
# value is interpolated as stored; no format check happens in this method.
def max_age_directive
  return unless @max_age

  "max-age=#{@max_age}"
end
report_uri_directive()
# File lib/secure_headers/headers/expect_certificate_transparency.rb, line 65
# Directive naming the endpoint that receives reports.
#
# Returns report-uri="<value>" when @report_uri is truthy, otherwise nil.
#
# NOTE(review): @report_uri is placed between the quotes verbatim, with no
# escaping, and validate_config! does not check :report_uri. A value that
# contains a double quote or a line break would change the structure of the
# header value, so this setting should only ever come from trusted, fixed
# configuration - confirm no request-derived data can reach it.
def report_uri_directive
  return unless @report_uri

  "report-uri=\"#{@report_uri}\""
end
value()
# File lib/secure_headers/headers/expect_certificate_transparency.rb, line 46
# Assemble the complete header value.
#
# The enforce, max-age and report-uri directives are collected in that
# order, the ones that came back nil are dropped, and the remainder is
# joined with ", ".
#
# Returns the joined String with surrounding whitespace stripped; an empty
# String when no directive is present.
def value
  directives = [enforced_directive, max_age_directive, report_uri_directive]
  directives.reject(&:nil?).join(", ").strip
end