fix rubocop violations

Author: stve

Gemfile

@@ -1,21 +1,22 @@
+# frozen_string_literal: true
 source "https://rubygems.org"
 
 gemspec
 
 group :test do
-  gem "tins", "~> 1.6.0" # 1.7 requires ruby 2.0
-  gem "pry-nav"
+  gem "coveralls"
   gem "json", "~> 1"
+  gem "pry-nav"
   gem "rack", "~> 1"
   gem "rspec"
   gem "rubocop", "~> 0.47.0"
   gem "rubocop-github"
-  gem "coveralls"
   gem "term-ansicolor", "< 1.4"
+  gem "tins", "~> 1.6.0" # 1.7 requires ruby 2.0
 end
 
 group :guard do
-  gem "guard-rspec", platforms: [:ruby_19, :ruby_20, :ruby_21, :ruby_22]
   gem "growl"
+  gem "guard-rspec", platforms: [:ruby_19, :ruby_20, :ruby_21, :ruby_22]
   gem "rb-fsevent"
 end

Guardfile

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 guard :rspec, cmd: "bundle exec rspec", all_on_start: true, all_after_pass: true do
   require "guard/rspec/dsl"
   dsl = Guard::RSpec::Dsl.new(self)

Rakefile

@@ -1,8 +1,9 @@
 #!/usr/bin/env rake
-require 'bundler/gem_tasks'
-require 'rspec/core/rake_task'
-require 'net/http'
-require 'net/https'
+# frozen_string_literal: true
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+require "net/http"
+require "net/https"
 
 desc "Run RSpec"
 # RSpec::Core::RakeTask.new(:spec)
@@ -12,25 +13,25 @@ RSpec::Core::RakeTask.new do |t|
 end
 
 begin
-  require 'rdoc/task'
+  require "rdoc/task"
 rescue LoadError
-  require 'rdoc/rdoc'
-  require 'rake/rdoctask'
+  require "rdoc/rdoc"
+  require "rake/rdoctask"
   RDoc::Task = Rake::RDocTask
 end
 
 begin
-  require 'rubocop/rake_task'
+  require "rubocop/rake_task"
   RuboCop::RakeTask.new
 rescue LoadError
   task(:rubocop) { $stderr.puts "RuboCop is disabled" }
 end
 
 RDoc::Task.new(:rdoc) do |rdoc|
-  rdoc.rdoc_dir = 'rdoc'
-  rdoc.title    = 'SecureHeaders'
-  rdoc.options << '--line-numbers'
-  rdoc.rdoc_files.include('lib/**/*.rb')
+  rdoc.rdoc_dir = "rdoc"
+  rdoc.title    = "SecureHeaders"
+  rdoc.options << "--line-numbers"
+  rdoc.rdoc_files.include("lib/**/*.rb")
 end
 
 task default: [:spec, :rubocop]

lib/secure_headers.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require "secure_headers/configuration"
 require "secure_headers/hash_helper"
 require "secure_headers/headers/cookie"

lib/secure_headers/configuration.rb

@@ -1,4 +1,5 @@
-require 'yaml'
+# frozen_string_literal: true
+require "yaml"
 
 module SecureHeaders
   class Configuration

lib/secure_headers/hash_helper.rb

@@ -1,4 +1,5 @@
-require 'base64'
+# frozen_string_literal: true
+require "base64"
 
 module SecureHeaders
   module HashHelper

lib/secure_headers/headers/clear_site_data.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 module SecureHeaders
   class ClearSiteDataConfigError < StandardError; end
   class ClearSiteData
@@ -17,7 +18,7 @@ class << self
       # Public: make an Clear-Site-Data header name, value pair
       #
       # Returns nil if not configured, returns header name and value if configured.
-      def make_header(config=nil)
+      def make_header(config = nil)
         case config
         when nil, OPT_OUT, []
           # noop

lib/secure_headers/headers/content_security_policy.rb

@@ -1,6 +1,7 @@
-require_relative 'policy_management'
-require_relative 'content_security_policy_config'
-require 'useragent'
+# frozen_string_literal: true
+require_relative "policy_management"
+require_relative "content_security_policy_config"
+require "useragent"
 
 module SecureHeaders
   class ContentSecurityPolicy
@@ -229,7 +230,7 @@ def nonces_supported?
     end
 
     def symbol_to_hyphen_case(sym)
-      sym.to_s.tr('_', '-')
+      sym.to_s.tr("_", "-")
     end
   end
 end

lib/secure_headers/headers/content_security_policy_config.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 module SecureHeaders
   module DynamicConfig
     def self.included(base)

lib/secure_headers/headers/cookie.rb

@@ -1,5 +1,6 @@
-require 'cgi'
-require 'secure_headers/utils/cookies_config'
+# frozen_string_literal: true
+require "cgi"
+require "secure_headers/utils/cookies_config"
 
 module SecureHeaders
   class CookiesConfigError < StandardError; end
@@ -113,7 +114,7 @@ def parse(cookie)
       return unless cookie
 
       cookie.split(/[;,]\s?/).each do |pairs|
-        name, values = pairs.split('=',2)
+        name, values = pairs.split("=", 2)
         name = CGI.unescape(name)
 
         attribute = name.downcase.to_sym

lib/secure_headers/headers/policy_management.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 module SecureHeaders
   module PolicyManagement
     def self.included(base)

lib/secure_headers/headers/public_key_pins.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 module SecureHeaders
   class PublicKeyPinsConfigError < StandardError; end
   class PublicKeyPins
@@ -54,7 +55,7 @@ def value
         pin_directives,
         report_uri_directive,
         subdomain_directive
-      ].compact.join('; ').strip
+      ].compact.join("; ").strip
     end
 
     def pin_directives
@@ -63,7 +64,7 @@ def pin_directives
         pin.map do |token, hash|
           "pin-#{token}=\"#{hash}\"" if HASH_ALGORITHMS.include?(token)
         end
-      end.join('; ')
+      end.join("; ")
     end
 
     def max_age_directive
@@ -75,7 +76,7 @@ def report_uri_directive
     end
 
     def subdomain_directive
-      @include_subdomains ? 'includeSubDomains' : nil
+      @include_subdomains ? "includeSubDomains" : nil
     end
   end
 end

lib/secure_headers/headers/referrer_policy.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 module SecureHeaders
   class ReferrerPolicyConfigError < StandardError; end
   class ReferrerPolicy

lib/secure_headers/headers/strict_transport_security.rb

@@ -1,8 +1,9 @@
+# frozen_string_literal: true
 module SecureHeaders
   class STSConfigError < StandardError; end
 
   class StrictTransportSecurity
-    HEADER_NAME = 'Strict-Transport-Security'.freeze
+    HEADER_NAME = "Strict-Transport-Security".freeze
     HSTS_MAX_AGE = "631138519"
     DEFAULT_VALUE = "max-age=" + HSTS_MAX_AGE
     VALID_STS_HEADER = /\Amax-age=\d+(; includeSubdomains)?(; preload)?\z/i

lib/secure_headers/headers/x_content_type_options.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 module SecureHeaders
   class XContentTypeOptionsConfigError < StandardError; end
 

lib/secure_headers/headers/x_download_options.rb

@@ -1,8 +1,9 @@
+# frozen_string_literal: true
 module SecureHeaders
   class XDOConfigError < StandardError; end
   class XDownloadOptions
     HEADER_NAME = "X-Download-Options".freeze
-    DEFAULT_VALUE = 'noopen'
+    DEFAULT_VALUE = "noopen"
     CONFIG_KEY = :x_download_options
 
     class << self

lib/secure_headers/headers/x_frame_options.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 module SecureHeaders
   class XFOConfigError < StandardError; end
   class XFrameOptions

lib/secure_headers/headers/x_permitted_cross_domain_policies.rb

@@ -1,8 +1,9 @@
+# frozen_string_literal: true
 module SecureHeaders
   class XPCDPConfigError < StandardError; end
   class XPermittedCrossDomainPolicies
     HEADER_NAME = "X-Permitted-Cross-Domain-Policies".freeze
-    DEFAULT_VALUE = 'none'
+    DEFAULT_VALUE = "none"
     VALID_POLICIES = %w(all none master-only by-content-type by-ftp-filename)
     CONFIG_KEY = :x_permitted_cross_domain_policies
 

lib/secure_headers/headers/x_xss_protection.rb

@@ -1,7 +1,8 @@
+# frozen_string_literal: true
 module SecureHeaders
   class XXssProtectionConfigError < StandardError; end
   class XXssProtection
-    HEADER_NAME = 'X-XSS-Protection'.freeze
+    HEADER_NAME = "X-XSS-Protection".freeze
     DEFAULT_VALUE = "1; mode=block"
     VALID_X_XSS_HEADER = /\A[01](; mode=block)?(; report=.*)?\z/i
     CONFIG_KEY = :x_xss_protection

lib/secure_headers/middleware.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 module SecureHeaders
   class Middleware
     HPKP_SAME_HOST_WARNING = "[WARNING] HPKP report host should not be the same as the request host. See https://github.com/twitter/secureheaders/issues/166"
@@ -25,33 +26,33 @@ def call(env)
 
     # inspired by https://github.com/tobmatth/rack-ssl-enforcer/blob/6c014/lib/rack/ssl-enforcer.rb#L183-L194
     def flag_cookies!(headers, config)
-      if cookies = headers['Set-Cookie']
+      if cookies = headers["Set-Cookie"]
         # Support Rails 2.3 / Rack 1.1 arrays as headers
         cookies = cookies.split("\n") unless cookies.is_a?(Array)
 
-        headers['Set-Cookie'] = cookies.map do |cookie|
+        headers["Set-Cookie"] = cookies.map do |cookie|
           SecureHeaders::Cookie.new(cookie, config).to_s
         end.join("\n")
       end
     end
 
     # disable Secure cookies for non-https requests
     def override_secure(env, config = {})
-      if scheme(env) != 'https'
-        config.merge!(secure: false)
+      if scheme(env) != "https"
+        config[:secure] = false
       end
 
       config
     end
 
     # derived from https://github.com/tobmatth/rack-ssl-enforcer/blob/6c014/lib/rack/ssl-enforcer.rb#L119
     def scheme(env)
-      if env['HTTPS'] == 'on' || env['HTTP_X_SSL_REQUEST'] == 'on'
-        'https'
-      elsif env['HTTP_X_FORWARDED_PROTO']
-        env['HTTP_X_FORWARDED_PROTO'].split(',')[0]
+      if env["HTTPS"] == "on" || env["HTTP_X_SSL_REQUEST"] == "on"
+        "https"
+      elsif env["HTTP_X_FORWARDED_PROTO"]
+        env["HTTP_X_FORWARDED_PROTO"].split(",")[0]
       else
-        env['rack.url_scheme']
+        env["rack.url_scheme"]
       end
     end
   end

lib/secure_headers/railtie.rb

@@ -1,20 +1,21 @@
+# frozen_string_literal: true
 # rails 3.1+
 if defined?(Rails::Railtie)
   module SecureHeaders
     class Railtie < Rails::Railtie
       isolate_namespace SecureHeaders if defined? isolate_namespace # rails 3.0
-      conflicting_headers = ['X-Frame-Options', 'X-XSS-Protection',
-                             'X-Permitted-Cross-Domain-Policies', 'X-Download-Options',
-                             'X-Content-Type-Options', 'Strict-Transport-Security',
-                             'Content-Security-Policy', 'Content-Security-Policy-Report-Only',
-                             'Public-Key-Pins', 'Public-Key-Pins-Report-Only', 'Referrer-Policy']
+      conflicting_headers = ["X-Frame-Options", "X-XSS-Protection",
+                             "X-Permitted-Cross-Domain-Policies", "X-Download-Options",
+                             "X-Content-Type-Options", "Strict-Transport-Security",
+                             "Content-Security-Policy", "Content-Security-Policy-Report-Only",
+                             "Public-Key-Pins", "Public-Key-Pins-Report-Only", "Referrer-Policy"]
 
       initializer "secure_headers.middleware" do
         Rails.application.config.middleware.insert_before 0, SecureHeaders::Middleware
       end
 
       rake_tasks do
-        load File.expand_path(File.join('..', '..', 'lib', 'tasks', 'tasks.rake'), File.dirname(__FILE__))
+        load File.expand_path(File.join("..", "..", "lib", "tasks", "tasks.rake"), File.dirname(__FILE__))
       end
 
       initializer "secure_headers.action_controller" do

lib/secure_headers/utils/cookies_config.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 module SecureHeaders
   class CookiesConfig
 
@@ -51,10 +52,10 @@ def validate_samesite_boolean_config!
     def validate_samesite_hash_config!
       # validate Hash-based samesite configuration
       if is_hash?(config[:samesite][:lax])
-        validate_exclusive_use_of_hash_constraints!(config[:samesite][:lax], 'samesite lax')
+        validate_exclusive_use_of_hash_constraints!(config[:samesite][:lax], "samesite lax")
 
         if is_hash?(config[:samesite][:strict])
-          validate_exclusive_use_of_hash_constraints!(config[:samesite][:strict], 'samesite strict')
+          validate_exclusive_use_of_hash_constraints!(config[:samesite][:strict], "samesite strict")
           validate_exclusive_use_of_samesite_enforcement!(:only)
           validate_exclusive_use_of_samesite_enforcement!(:except)
         end

lib/secure_headers/view_helper.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 module SecureHeaders
   module ViewHelpers
     include SecureHeaders::HashHelper
@@ -75,7 +76,7 @@ def hashed_tag(type, directive, hashes, raise_error_on_unrecognized_hash, block)
       end
 
       content = capture(&block)
-      file_path = File.join('app', 'views', self.instance_variable_get(:@virtual_path) + '.html.erb')
+      file_path = File.join("app", "views", self.instance_variable_get(:@virtual_path) + ".html.erb")
 
       if raise_error_on_unrecognized_hash
         hash_value = hash_source(content)

lib/tasks/tasks.rake

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 INLINE_SCRIPT_REGEX = /(<script(\s*(?!src)([\w\-])+=([\"\'])[^\"\']+\4)*\s*>)(.*?)<\/script>/mx unless defined? INLINE_SCRIPT_REGEX
 INLINE_STYLE_REGEX = /(<style[^>]*>)(.*?)<\/style>/mx unless defined? INLINE_STYLE_REGEX
 INLINE_HASH_SCRIPT_HELPER_REGEX = /<%=\s?hashed_javascript_tag(.*?)\s+do\s?%>(.*?)<%\s*end\s*%>/mx unless defined? INLINE_HASH_SCRIPT_HELPER_REGEX
@@ -73,7 +74,7 @@ namespace :secure_headers do
       end
     end
 
-    File.open(SecureHeaders::Configuration::HASH_CONFIG_FILE, 'w') do |file|
+    File.open(SecureHeaders::Configuration::HASH_CONFIG_FILE, "w") do |file|
       file.write(script_hashes.to_yaml)
     end
 

secure_headers.gemspec

@@ -1,10 +1,11 @@
 # -*- encoding: utf-8 -*-
+# frozen_string_literal: true
 Gem::Specification.new do |gem|
   gem.name          = "secure_headers"
   gem.version       = "3.6.4"
   gem.authors       = ["Neil Matatall"]
   gem.email         = ["neil.matatall@gmail.com"]
-  gem.description   = 'Manages application of security headers with many safe defaults.'
+  gem.description   = "Manages application of security headers with many safe defaults."
   gem.summary       = 'Add easily configured security headers to responses
     including content-security-policy, x-frame-options,
     strict-transport-security, etc.'

spec/lib/secure_headers/configuration_spec.rb

@@ -1,4 +1,5 @@
-require 'spec_helper'
+# frozen_string_literal: true
+require "spec_helper"
 
 module SecureHeaders
   describe Configuration do

spec/lib/secure_headers/headers/clear_site_data_spec.rb

@@ -1,4 +1,5 @@
-require 'spec_helper'
+# frozen_string_literal: true
+require "spec_helper"
 
 module SecureHeaders
   describe ClearSiteData do