Skip to content
Permalink
Browse files
Make the package actually usable
  • Loading branch information
0xTim committed Feb 17, 2017
1 parent 98d2ce0 commit 0d5328131f4a4b0379cc62bb02b9884f54dcef15
@@ -1,10 +1,10 @@
import HTTP

struct ContentSecurityPolicyConfiguration: SecurityHeaderConfiguration {
public struct ContentSecurityPolicyConfiguration: SecurityHeaderConfiguration {

private let value: String

init(value: String) {
public init(value: String) {
self.value = value
}

@@ -1,10 +1,10 @@
import HTTP

struct ContentSecurityPolicyReportOnlyConfiguration: SecurityHeaderConfiguration {
public struct ContentSecurityPolicyReportOnlyConfiguration: SecurityHeaderConfiguration {

private let value: String

init(value: String) {
public init(value: String) {
self.value = value
}

@@ -1,14 +1,14 @@
import HTTP

struct ContentTypeOptionsConfiguration: SecurityHeaderConfiguration {
public struct ContentTypeOptionsConfiguration: SecurityHeaderConfiguration {

private let option: Options

init(option: Options) {
public init(option: Options) {
self.option = option
}

enum Options {
public enum Options {
case nosniff
case none
}
@@ -1,16 +1,16 @@
import HTTP

struct FrameOptionsConfiguration: SecurityHeaderConfiguration {
public struct FrameOptionsConfiguration: SecurityHeaderConfiguration {

enum Options {
public enum Options {
case deny
case sameOrigin
case allow(from: String)
}

private let option: Options

init(option: Options) {
public init(option: Options) {
self.option = option
}

@@ -1,9 +1,9 @@
import HTTP

struct ServerConfiguration: SecurityHeaderConfiguration {
public struct ServerConfiguration: SecurityHeaderConfiguration {
private let value: String

init(value: String) {
public init(value: String) {
self.value = value
}

@@ -1,12 +1,12 @@
import HTTP

struct StrictTransportSecurityConfiguration: SecurityHeaderConfiguration {
public struct StrictTransportSecurityConfiguration: SecurityHeaderConfiguration {

private let maxAge: Int
private let includeSubdomains: Bool
private let preload: Bool

init(maxAge: Int = 31536000, includeSubdomains: Bool = true, preload: Bool = true) {
public init(maxAge: Int = 31536000, includeSubdomains: Bool = true, preload: Bool = true) {
self.maxAge = maxAge
self.includeSubdomains = includeSubdomains
self.preload = preload
@@ -1,16 +1,16 @@
import HTTP

struct XssProtectionConfiguration: SecurityHeaderConfiguration {
public struct XssProtectionConfiguration: SecurityHeaderConfiguration {

enum Options {
public enum Options {
case disable
case enable
case block
}

private let option: Options

init(option: Options) {
public init(option: Options) {
self.option = option
}

@@ -1,6 +1,6 @@
import HTTP

extension HeaderKey {
public extension HeaderKey {
static public var contentSecurityPolicy: HeaderKey {
return HeaderKey("Content-Security-Policy")
}
@@ -1,10 +1,10 @@
import HTTP

struct SecurityHeaders: Middleware {
public struct SecurityHeaders: Middleware {

private var configurations: [SecurityHeaderConfiguration]

static func api(hstsConfiguration: StrictTransportSecurityConfiguration? = nil, serverConfiguration: ServerConfiguration? = nil) -> SecurityHeaders {
public static func api(hstsConfiguration: StrictTransportSecurityConfiguration? = nil, serverConfiguration: ServerConfiguration? = nil) -> SecurityHeaders {
return SecurityHeaders(contentTypeConfiguration: ContentTypeOptionsConfiguration(option: .nosniff),
contentSecurityPolicyConfiguration: ContentSecurityPolicyConfiguration(value: "default-src 'none'"),
frameOptionsConfiguration: FrameOptionsConfiguration(option: .deny),
@@ -13,7 +13,7 @@ struct SecurityHeaders: Middleware {
serverConfiguration: serverConfiguration)
}

init(contentTypeConfiguration: ContentTypeOptionsConfiguration = ContentTypeOptionsConfiguration(option: .nosniff),
public init(contentTypeConfiguration: ContentTypeOptionsConfiguration = ContentTypeOptionsConfiguration(option: .nosniff),
contentSecurityPolicyConfiguration: ContentSecurityPolicyConfiguration = ContentSecurityPolicyConfiguration(value: "default-src 'self'"),
frameOptionsConfiguration: FrameOptionsConfiguration = FrameOptionsConfiguration(option: .deny),
xssProtectionConfiguration: XssProtectionConfiguration = XssProtectionConfiguration(option: .block),
@@ -35,7 +35,7 @@ struct SecurityHeaders: Middleware {
}
}

func respond(to request: Request, chainingTo next: Responder) throws -> Response {
public func respond(to request: Request, chainingTo next: Responder) throws -> Response {
let response = try next.respond(to: request)

for spec in configurations {
@@ -3,7 +3,7 @@ import XCTest
@testable import Vapor
import HTTP

@testable import VaporSecurityHeaders
import VaporSecurityHeaders

class HeaderTests: XCTestCase {

0 comments on commit 0d53281

Please sign in to comment.