Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Separate browser policy functions into two packages.
* browser-policy uses browser-policy-framing and browser-policy-content, both of which set default policies when they are used. This way you get a default policy when you add a browser policy package, but you can pick and choose different packages if you only want to think about one of them. * The two packages use different namespaces: BrowserPolicy.framing and BrowserPolicy.content, which meant some functions got renamed (e.g. not using "framing" or "content in the function name when it's already in the namespace).
- Loading branch information
Emily Stark
committed
Oct 3, 2013
1 parent
d5159ae
commit b5286b9
Showing
14 changed files
with
452 additions
and
399 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
.build* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
BrowserPolicy = {}; | ||
|
||
var inTest = false; | ||
|
||
BrowserPolicy._runningTest = function () { | ||
return inTest; | ||
}; | ||
|
||
BrowserPolicy._setRunningTest = function () { | ||
inTest = true; | ||
}; | ||
|
||
WebApp.connectHandlers.use(function (req, res, next) { | ||
// Never set headers inside tests because they could break other tests. | ||
if (BrowserPolicy._runningTest()) | ||
return next(); | ||
|
||
var xFrameOptions = BrowserPolicy.framing && | ||
BrowserPolicy.framing._constructXFrameOptions(); | ||
var csp = BrowserPolicy.content && | ||
BrowserPolicy.content._constructCsp(); | ||
if (xFrameOptions) | ||
res.setHeader("X-Frame-Options", xFrameOptions); | ||
if (csp) | ||
res.setHeader("Content-Security-Policy", csp); | ||
next(); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
Package.describe({ | ||
summary: "Common code for browser-policy packages", | ||
internal: true | ||
}); | ||
|
||
Package.on_use(function (api) { | ||
api.use('webapp', 'server'); | ||
api.add_files('browser-policy-common.js', 'server'); | ||
api.export('BrowserPolicy', 'server'); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
.build* |
Oops, something went wrong.