File tree Expand file tree Collapse file tree 2 files changed +7
-1
lines changed Expand file tree Collapse file tree 2 files changed +7
-1
lines changed Original file line number Diff line number Diff line change @@ -155,9 +155,10 @@ def dedup_source_list(sources)
155155 wild_sources = sources . select { |source | source =~ STAR_REGEXP }
156156
157157 if wild_sources . any?
158+ schemes = sources . map { |source | [ source , URI ( source ) . scheme ] } . to_h
158159 sources . reject do |source |
159160 !wild_sources . include? ( source ) &&
160- wild_sources . any? { |pattern | File . fnmatch ( pattern , source ) }
161+ wild_sources . any? { |pattern | schemes [ pattern ] == schemes [ source ] && File . fnmatch ( pattern , source ) }
161162 end
162163 else
163164 sources
Original file line number Diff line number Diff line change @@ -106,6 +106,11 @@ module SecureHeaders
106106 expect ( csp . value ) . to eq ( "default-src example.org" )
107107 end
108108
109+ it "does not deduplicate non-matching schema source expressions" do
110+ csp = ContentSecurityPolicy . new ( default_src : %w( *.example.org wss://example.example.org ) )
111+ expect ( csp . value ) . to eq ( "default-src *.example.org wss://example.example.org" )
112+ end
113+
109114 it "creates maximally strict sandbox policy when passed no sandbox token values" do
110115 csp = ContentSecurityPolicy . new ( default_src : %w( example.org ) , sandbox : [ ] )
111116 expect ( csp . value ) . to eq ( "default-src example.org; sandbox" )
You can’t perform that action at this time.
0 commit comments