From dd33ebc81e683887ada934e11ac6f20b07ad8766 Mon Sep 17 00:00:00 2001 From: boB Rudis Date: Sat, 9 Mar 2019 10:36:23 -0500 Subject: [PATCH] actual functions --- DESCRIPTION | 3 + NAMESPACE | 27 ++++ R/allows.R | 158 +++++++++++++++++++++ R/crsspy-package.R | 13 -- R/csp-validate.R | 84 +++++++++++ R/cspy-package.R | 15 ++ R/parse-csp-text.R | 111 +++++++++++++++ R/utils-pipe.R | 11 ++ inst/java/cspy-1.0-SNAPSHOT.jar | Bin 0 -> 3551 bytes java/cspy/target/classes/is/rud/crsspy/App.class | Bin 0 -> 1192 bytes java/cspy/target/cspy-1.0-SNAPSHOT.jar | Bin 0 -> 3551 bytes java/cspy/target/maven-archiver/pom.properties | 4 + .../compile/default-compile/createdFiles.lst | 1 + .../compile/default-compile/inputFiles.lst | 1 + .../default-testCompile/createdFiles.lst | 0 .../testCompile/default-testCompile/inputFiles.lst | 1 + .../TEST-is.rud.crsspy.AppTest.xml | 65 +++++++++ .../surefire-reports/is.rud.crsspy.AppTest.txt | 4 + .../test-classes/is/rud/crsspy/AppTest.class | Bin 473 -> 473 bytes man/as.data.frame.csp.Rd | 22 +++ man/crsspy.Rd | 9 +- man/csp_allows.Rd | 76 ++++++++++ man/parse_csp.Rd | 27 ++++ man/pipe.Rd | 12 ++ man/validate_csp.Rd | 19 +++ 25 files changed, 647 insertions(+), 16 deletions(-) create mode 100644 R/allows.R delete mode 100644 R/crsspy-package.R create mode 100644 R/csp-validate.R create mode 100644 R/cspy-package.R create mode 100644 R/parse-csp-text.R create mode 100644 R/utils-pipe.R create mode 100644 inst/java/cspy-1.0-SNAPSHOT.jar create mode 100644 java/cspy/target/classes/is/rud/crsspy/App.class create mode 100644 java/cspy/target/cspy-1.0-SNAPSHOT.jar create mode 100644 java/cspy/target/maven-archiver/pom.properties create mode 100644 java/cspy/target/maven-status/maven-compiler-plugin/compile/default-compile/createdFiles.lst create mode 100644 java/cspy/target/maven-status/maven-compiler-plugin/compile/default-compile/inputFiles.lst create mode 100644 java/cspy/target/maven-status/maven-compiler-plugin/testCompile/default-testCompile/createdFiles.lst create mode 100644 java/cspy/target/maven-status/maven-compiler-plugin/testCompile/default-testCompile/inputFiles.lst create mode 100644 java/cspy/target/surefire-reports/TEST-is.rud.crsspy.AppTest.xml create mode 100644 java/cspy/target/surefire-reports/is.rud.crsspy.AppTest.txt create mode 100644 man/as.data.frame.csp.Rd create mode 100644 man/csp_allows.Rd create mode 100644 man/parse_csp.Rd create mode 100644 man/pipe.Rd create mode 100644 man/validate_csp.Rd diff --git a/DESCRIPTION b/DESCRIPTION index 11f1c6e..2c8084e 100644 --- a/DESCRIPTION +++ b/DESCRIPTION @@ -22,5 +22,8 @@ Suggests: Depends: R (>= 3.2.0), rJava +Imports: + httr, + magrittr Roxygen: list(markdown = TRUE) RoxygenNote: 6.1.1 diff --git a/NAMESPACE b/NAMESPACE index 1add1bf..4ad8c4d 100644 --- a/NAMESPACE +++ b/NAMESPACE @@ -1,3 +1,30 @@ # Generated by roxygen2: do not edit by hand +S3method(as.data.frame,csp) +export("%>%") +export(allows_child_from_source) +export(allows_connect_to) +export(allows_font_from_source) +export(allows_form_action) +export(allows_frame_ancestor) +export(allows_frame_from_source) +export(allows_manifest_from_source) +export(allows_media_from_source) +export(allows_navigation) +export(allows_object_from_source) +export(allows_prefetch_from_source) +export(allows_script_from_source) +export(allows_script_with_nonce) +export(allows_style_from_source) +export(allows_style_with_nonce) +export(allows_unsafe_inline_script) +export(allows_unsafe_inline_style) +export(allows_worker_from_source) +export(fetch_csp) +export(parse_csp) +export(validate_csp) import(rJava) +importFrom(httr,GET) +importFrom(httr,HEAD) +importFrom(httr,warn_for_status) +importFrom(magrittr,"%>%") diff --git a/R/allows.R b/R/allows.R new file mode 100644 index 0000000..4ab201b --- /dev/null +++ b/R/allows.R @@ -0,0 +1,158 @@ +#' Tests for what a parsed CSP allows +#' +#' @name csp_allows +NULL + +#' @param csp a `csp` object created with [fetch_csp()] or [parse_csp()] +#' @param URL source or destination URL +#' @param nonce a [cryptographic nonce](https://html.spec.whatwg.org/multipage/urls-and-fetching.html#attr-nonce) +#' @rdname csp_allows +#' @return logical +#' @references [Content Security Policy Level 3](https://www.w3.org/TR/CSP3/) +#' @export +allows_child_from_source <- function(csp, URL) { + URL <- J("com.shapesecurity.salvation.data.URI")$parse(URL) + csp[["policy"]]$allowsChildFromSource(URL) +} + +#' @rdname csp_allows +#' @export +allows_connect_to <- function(csp, URL) { + URL <- J("com.shapesecurity.salvation.data.URI")$parse(URL) + csp[["policy"]]$allowsConnectTo() +} + +#' @rdname csp_allows +#' @export +allows_font_from_source <- function(csp, URL) { + URL <- J("com.shapesecurity.salvation.data.URI")$parse(URL) + csp[["policy"]]$allowsFontFromSource() +} + +#' @rdname csp_allows +#' @export +allows_form_action <- function(csp, URL) { + URL <- J("com.shapesecurity.salvation.data.URI")$parse(URL) + csp[["policy"]]$allowsFormAction() +} + +#' @rdname csp_allows +#' @export +allows_frame_ancestor <- function(csp, URL) { + URL <- J("com.shapesecurity.salvation.data.URI")$parse(URL) + csp[["policy"]]$allowsFrameAncestor() +} + +#' @rdname csp_allows +#' @export +allows_frame_from_source <- function(csp, URL) { + URL <- J("com.shapesecurity.salvation.data.URI")$parse(URL) + csp[["policy"]]$allowsFrameFromSource() +} + +allows_img_from_source <- function(csp, URL) { + URL <- J("com.shapesecurity.salvation.data.URI")$parse(URL) + csp[["policy"]]$allowsImgFromSource() +} + +#' @rdname csp_allows +#' @export +allows_manifest_from_source <- function(csp, URL) { + URL <- J("com.shapesecurity.salvation.data.URI")$parse(URL) + csp[["policy"]]$allowsManifestFromSource() +} + +#' @rdname csp_allows +#' @export +allows_media_from_source <- function(csp, URL) { + URL <- J("com.shapesecurity.salvation.data.URI")$parse(URL) + csp[["policy"]]$allowsMediaFromSource() +} + +#' @rdname csp_allows +#' @export +allows_navigation <- function(csp, URL) { + URL <- J("com.shapesecurity.salvation.data.URI")$parse(URL) + csp[["policy"]]$allowsNavigation() +} + +#' @rdname csp_allows +#' @export +allows_object_from_source <- function(csp, URL) { + URL <- J("com.shapesecurity.salvation.data.URI")$parse(URL) + csp[["policy"]]$allowsObjectFromSource() +} + +# #' @rdname csp_allows +# #' @export +# allows_plugin <- function(csp) { +# allowsPlugin() +# } + +#' @rdname csp_allows +#' @export +allows_prefetch_from_source <- function(csp, URL) { + URL <- J("com.shapesecurity.salvation.data.URI")$parse(URL) + csp[["policy"]]$allowsPrefetchFromSource() +} + +#' @rdname csp_allows +#' @export +allows_script_from_source <- function(csp, URL) { + URL <- J("com.shapesecurity.salvation.data.URI")$parse(URL) + csp[["policy"]]$allowsScriptFromSource() +} + +# #' @rdname csp_allows +# #' @export +# allows_script_with_hash <- function(csp) { +# allowsScriptWithHash() +# } + +#' @rdname csp_allows +#' @export +allows_script_with_nonce <- function(csp, nonce) { + csp[["policy"]]$allowsScriptWithNonce(nonce) +} + +#' @rdname csp_allows +#' @export +allows_style_from_source <- function(csp, URL) { + URL <- J("com.shapesecurity.salvation.data.URI")$parse(URL) + csp[["policy"]]$allowsStyleFromSource() +} + +# #' @rdname csp_allows +# #' @export +# allows_style_with_hash <- function(csp) { +# allowsStyleWithHash() +# } + +#' @rdname csp_allows +#' @export +allows_style_with_nonce <- function(csp, nonce) { + csp[["policy"]]$allowsStyleWithNonce(nonce) +} + +#' @rdname csp_allows +#' @export +allows_unsafe_inline_script <- function(csp) { + csp[["policy"]]$allowsUnsafeInlineScript() +} + +#' @rdname csp_allows +#' @export +allows_unsafe_inline_style <- function(csp) { + csp[["policy"]]$allowsUnsafeInlineStyle() +} + +#' @rdname csp_allows +#' @export +allows_worker_from_source <- function(csp, URL) { + URL <- J("com.shapesecurity.salvation.data.URI")$parse(URL) + csp[["policy"]]$allowsWorkerFromSource() +} + +# allows_attribute_with_hash <- function(csp) { +# allowsAttributeWithHash() +# } diff --git a/R/crsspy-package.R b/R/crsspy-package.R deleted file mode 100644 index 98f6fad..0000000 --- a/R/crsspy-package.R +++ /dev/null @@ -1,13 +0,0 @@ -#' Content Security Policy Decomposer & Evaluator -#' -#' - URL: -#' - BugReports: -#' - Javadoc: -#' -#' @md -#' @name crsspy -#' @docType package -#' @keywords internal -#' @author Bob Rudis (bob@@rud.is) -#' @import rJava -NULL diff --git a/R/csp-validate.R b/R/csp-validate.R new file mode 100644 index 0000000..614c5c1 --- /dev/null +++ b/R/csp-validate.R @@ -0,0 +1,84 @@ +#' Validate a CSP +#' +#' Validates a content security policy. If policy problems are found +#' a data frame of information notes, warnings and errors is returned +#' with the specific locations of the issues in the original CSP string. +#' +#' @param csp a `csp` object created with [fetch_csp()] or [parse_csp()] +#' @return data frame +#' @export +validate_csp <- function(csp) { + + Notice <- J("com.shapesecurity.salvation.data.Notice") + + app <- J("is.rud.crsspy.App") + + p <- csp[["policy"]] + + x <- app$get_notices(p$show(), csp[["origin"]]) + + errs <- Notice$getAllErrors(x) + info <- Notice$getAllInfos(x) + warn <- Notice$getAllWarnings(x) + + e <- errs$toArray() + do.call( + rbind.data.frame, + lapply(e, function(.x) { + data.frame( + message = .x$message, + type = .x$type$toString(), + start_line = .x$startLocation$line, + start_column = .x$startLocation$column, + start_offset = .x$startLocation$offset, + end_line = .x$endLocation$line, + end_column = .x$endLocation$column, + end_offset = .x$endLocation$offset, + stringsAsFactors = FALSE + ) + }) + ) -> edf + + i <- info$toArray() + do.call( + rbind.data.frame, + lapply(i, function(.x) { + data.frame( + message = .x$message, + type = .x$type$toString(), + start_line = .x$startLocation$line, + start_column = .x$startLocation$column, + start_offset = .x$startLocation$offset, + end_line = .x$endLocation$line, + end_column = .x$endLocation$column, + end_offset = .x$endLocation$offset, + stringsAsFactors = FALSE + ) + }) + ) -> idf + + w <- warn$toArray() + do.call( + rbind.data.frame, + lapply(w, function(.x) { + data.frame( + message = .x$message, + type = .x$type$toString(), + start_line = .x$startLocation$line, + start_column = .x$startLocation$column, + start_offset = .x$startLocation$offset, + end_line = .x$endLocation$line, + end_column = .x$endLocation$column, + end_offset = .x$endLocation$offset, + stringsAsFactors = FALSE + ) + }) + ) -> wdf + + out <- do.call(rbind.data.frame, list(edf, wdf, idf)) + + class(out) <- c("tbl_df", "tbl", "data.frame") + + out + +} diff --git a/R/cspy-package.R b/R/cspy-package.R new file mode 100644 index 0000000..34b2719 --- /dev/null +++ b/R/cspy-package.R @@ -0,0 +1,15 @@ +#' Content Security Policy Decomposer & Evaluator +#' +#' - URL: +#' - BugReports: +#' - Javadoc: +#' +#' @md +#' @name crsspy +#' @docType package +#' @keywords internal +#' @author Bob Rudis (bob@@rud.is) +#' @import rJava +#' @importFrom httr GET HEAD warn_for_status +#' @references [Content Security Policy Level 3](https://www.w3.org/TR/CSP3/) +NULL diff --git a/R/parse-csp-text.R b/R/parse-csp-text.R new file mode 100644 index 0000000..87c7b3c --- /dev/null +++ b/R/parse-csp-text.R @@ -0,0 +1,111 @@ +#' Fetch and/or parse a content security policy header value +#' +#' Use [fetch_csp()] to load & parse a CSP from a remote site. Use [parse_csp()] +#' to parse an already fetched or composed CSP. +#' +#' @param csp_text length 1 character vector containing CSP text +#' @param origin_url site to fetch CSP from or to use when just parsing a +#' plain text (possibly already fetched) CSP +#' @param method method to use fetch CSP (sites may change headers returned +#' depending on the method used) +#' @references [Content Security Policy Level 3](https://www.w3.org/TR/CSP3/) +#' @export +parse_csp <- function(csp_text, origin_url) { + + ParserWithLocation <- J("com.shapesecurity.salvation.ParserWithLocation") + + list( + policy = ParserWithLocation$parse(csp_text, origin_url), + origin = origin_url + ) -> p + + + class(p) <- c("csp") + + p + +} + +#' @rdname parse_csp +#' @export +fetch_csp <- function(origin_url, method = c("head", "get")) { + + method <- match.arg(tolower(method), c("head", "get")) + + r <- if (method == "head") httr::HEAD(origin_url) else httr::GET(origin_url) + + httr::warn_for_status(r) + + h <- httr::headers(r) + + csp <- h[["content-security-policy"]] + + if (length(csp) == 0) { + stop("Content-Security-Policy header not found at ", origin_url, call.=FALSE) + } + + p <- parse_csp(csp, origin_url) + + p[["origin"]] <- origin_url + + p + +} + +# #' Update an origin in a `csp` object +# #' +# #' @param csp a `csp` object created with [fetch_csp()] or [parse_csp()] +# #' @param origin_url origin URL +# #' @return `csp` object +# #' @export +# set_origin <- function(csp, origin_url) { +# +# csp[["origin"]] <- origin_url +# +# csp +# +# } + +#' Convert a parsed CSP into a data frame of directives and values +#' +#' @param x a `csp` object created with [fetch_csp()] or [parse_csp()] +#' @param include_origin if the `csp` object has an origin URL should +#' it be included in the data frame? Default: `TRUE` +#' @param ... ignored +#' @references [Content Security Policy Level 3](https://www.w3.org/TR/CSP3/) +#' @export +as.data.frame.csp <- function(x, include_origin = TRUE, ...) { + + p <- x$policy + d <- p$getDirectives() + + do.call( + rbind.data.frame, + lapply(d$toArray(), function(.x) { + data.frame( + directive = .x$name, + value = sapply(.x$values()$toArray(), function(.y) .y$show()), + stringsAsFactors = FALSE + ) + }) + ) -> xdf + + if ((!is.na(x$origin)) && include_origin) xdf[["origin"]] <- x$origin + + class(xdf) <- c("tbl_df", "tbl", "data.frame") + + xdf + +} + + + + + + + + + + + + diff --git a/R/utils-pipe.R b/R/utils-pipe.R new file mode 100644 index 0000000..fb8c818 --- /dev/null +++ b/R/utils-pipe.R @@ -0,0 +1,11 @@ +#' Pipe operator +#' +#' See \code{magrittr::\link[magrittr]{\%>\%}} for details. +#' +#' @name %>% +#' @rdname pipe +#' @keywords internal +#' @export +#' @importFrom magrittr %>% +#' @usage lhs \%>\% rhs +NULL diff --git a/inst/java/cspy-1.0-SNAPSHOT.jar b/inst/java/cspy-1.0-SNAPSHOT.jar new file mode 100644 index 0000000000000000000000000000000000000000..8ed5cb3efc31a6218111fb5c57ead46e8bdbe2e0 GIT binary patch literal 3551 zcma)<3p~?n7{~vNB;>?sBgqkCnEUmpyU+XCf1l6ud*0`L-skzh-#MT_d~1N!t5*YhhB&*+ z%i9K>008i0PB3$#EgVhNZ0s!6(WZ7bmKIn?1ln>2eZS2XrH1GdL8-wz?ss0tX!L47 ze-#FAzpvaCQCyC(ZnYnJ6^1~fRc+8bLI#qX6$7a7dBu#p5oO5usk*d+*ZcE)W6RxM zLmQ=~pzp%yVLX5XN?lpr5Od;4>Kp@I z=JvP^1lR^)5x&1LTFWu=2_un+WG>t9R}|*5{nnC|S?;ApnLk#xK=6w63+8hBy|MIv zjd3IdGi-#$4bwaotqMg2p_x`iF5|r z7A&p_-qNw>G%m0^jaH32Z{pc2v_sd)!bwn2nd$_xxO74rD(2F2Dy12#ysLJqwphaY zARrrGIUJWM7PwoIHbuYLJnDJi_Cdxxv{v4@+{>%I{#G*hA^u67hqQEMz>C}Q0>U>5 zW2l;j6Qz#FAzBAaJN=Ys)G69#~g)ZxM~f-Cqu0) zwi~>x^7_X&YpUu~vTWd3Wh2hnwRy;qXg`1GSr_sXV`MW%#mv`)n)DnaK(?Hd@?GgppL9d*pM z$~h!QzA7D8U2wTPMMd6xnD>m^=2K!BWr0-L5!5g7bLW++ZvJU9yhIdffM(r zbHd!x)6@0#fGtuqqf)QB`9~~Bv$~kOh}hl7Dlb;Etc!@OEaU-z$IKFw;3_Xx8FPy3 zWM@c^2DteS!Xw*1{#yM!nI0*%;SDIKMF(d_Ol&&uBL;hEr1-&lxFr()DN`wQ=>30E)F~~Ho#`?42U|J?V5X|BtCNVAZ z7e^@K<1+h<)_Q`qtV1P50$@823kVA=FIowYJ)zl+_2*|>nGJ3oHyQ@QMIUV0GVpe{ zNvL(fXqsPn{;rhj?EGBKrH#7ciLvvPNy)qP^fd>vx{c~(o+$K1^*&3Y7HoUNkb634 zCS`?D*OF~|dT|%)sJRc6bJQ5-Q5U;g9e^@l!MZ{K0Q(>BAz}ytv5$bi>+EL#SOXk2 zb!GZi0-@WxB3>lU?7>D8^9vwBJ-Rb=v|M*{r0*YUjJfMFFluI5?TJ~*+=Y)FnLf?1 z<7A5DIi1X*%0C-pxANBcw%(nnT%H+GHJZrXT;u7kL>9fjX%FIkXmqe`=r(J+^_w)* zl(In?L6)V6W?xxRcSs2NeIePW#vMTq>wKKNDpu~M%r1Ag<{V4+Ky&`sC{elbP-@M* znO4w2k7#tlk}tim2MHnnf$wBA`X3>kGMg<4GN#|kx^!=UM^L`+&YS|l{vGMc{1yqL%gpAj{c^T@OKO)n}u!36^rDRatB8RaJ^R;SlPcPq|h8Jw~AuMxVca5!>ndTo5e zUWHD~CBGs_&Zjrf8ptvM`MzXr2^f-^@12B z6KY0W;$j1xFL}}n4{A!R!tOnPaD0YeWk?<7~%|Gp>F6De3nkE+#c5#yu}n37m27?RJ(x%h(_O@F=bjVdA)RQmS|0>g+TzNvqFY5Bu>L zi1_yGRMEA}d1*rWV13W~2kDlYxfpHbfuUtkedKTABYZly1x zB_}VBNTj`w0!wUw1e+rt+s6P*C4C`wJj<~Rs?O_e@GbUu~e*@l{ zW^#MrmVHlbEJkDxmh3k3@iQ^9B4w}hBWC0X2H65OLH=CCVo3I2t-{B=0Kes`Uq#4b zN{&{8OUq_I&Z^&IBa1OPN>`?GC8=MD^XFm~b8^H9{}q2rpg(uC>8l@rwfEXzJNiPT zEN|>W`4N+Tbx4g_;>re_%~v3TyV`z49vmkgOw|2)9N%yVw~HU$XdD;TtNxQ)?(}@# s)tCE?+v$%Qm*bSi{G0RLf&I`ar;Qy@{LDZAK!o}6W>$6pvxEWQUmBO_wg3PC literal 0 HcmV?d00001 diff --git a/java/cspy/target/classes/is/rud/crsspy/App.class b/java/cspy/target/classes/is/rud/crsspy/App.class new file mode 100644 index 0000000000000000000000000000000000000000..f6551325144e662342aaa64d51163280cc56188f GIT binary patch literal 1192 zcmbVLT~8B16g|_grAwuy2!1OdYQJP2^obH8Au%zjg;2%tWTxA-9kT3hW@kzI3;a9! z1kuDF;Eyui+2RLjm1-Ym=H5AT?&&>uzkd7l1;7(Lwqaq}!itR)mTj!!zKu0Ju<+2r zBZl0j^rhZnNLQ){44Ivv=Q0#q(s$eOao1I^MAxHCxfM9VI}l2m_&k}>0~s+av}D9p z+~balqHxH!!?4LP+jsR_KhV-~3Dc~!j>L)Jp78s;qm}gg&GAfil!~?V__k7FNX(kJ za$(>}XJ}-Mv5@pwc?{OiT8n>T36$(hpP|}vf@2;HMCeAY6Dz5QJQCiC&@%9OPiVn+ z6DXBt;Z*p&L?GdpE;ecy{%F>-Nvbw4SJF;e*xVxSd`I?up<_jcy!-!#{##MI6U54K zpGz|aGvw{Mv7mq%@4sNk zhC)T8Wn)4Irf`-xsFmw~tF>nes5ep%jG1OA7~Bcf#)t7Yk9PvkqrXLun^UMdpC7Cs zM<1;Dr9kaQo>rS8PCKJLTRR2&m|V}&noE*43Un@v0JwrVit;F;L?q_%d!&)2{n}@w z4o{JOSwBOjU8^_Fkln~MKG0PfhOUeZt#eejNHirZVm_gMI(kk~neK@Q3v@F2invOs j6rpV_Q9hkS*KvcGZW7Xn8li3x>NaIkxI?+S$?4vAgCj%- literal 0 HcmV?d00001 diff --git a/java/cspy/target/cspy-1.0-SNAPSHOT.jar b/java/cspy/target/cspy-1.0-SNAPSHOT.jar new file mode 100644 index 0000000000000000000000000000000000000000..8ed5cb3efc31a6218111fb5c57ead46e8bdbe2e0 GIT binary patch literal 3551 zcma)<3p~?n7{~vNB;>?sBgqkCnEUmpyU+XCf1l6ud*0`L-skzh-#MT_d~1N!t5*YhhB&*+ z%i9K>008i0PB3$#EgVhNZ0s!6(WZ7bmKIn?1ln>2eZS2XrH1GdL8-wz?ss0tX!L47 ze-#FAzpvaCQCyC(ZnYnJ6^1~fRc+8bLI#qX6$7a7dBu#p5oO5usk*d+*ZcE)W6RxM zLmQ=~pzp%yVLX5XN?lpr5Od;4>Kp@I z=JvP^1lR^)5x&1LTFWu=2_un+WG>t9R}|*5{nnC|S?;ApnLk#xK=6w63+8hBy|MIv zjd3IdGi-#$4bwaotqMg2p_x`iF5|r z7A&p_-qNw>G%m0^jaH32Z{pc2v_sd)!bwn2nd$_xxO74rD(2F2Dy12#ysLJqwphaY zARrrGIUJWM7PwoIHbuYLJnDJi_Cdxxv{v4@+{>%I{#G*hA^u67hqQEMz>C}Q0>U>5 zW2l;j6Qz#FAzBAaJN=Ys)G69#~g)ZxM~f-Cqu0) zwi~>x^7_X&YpUu~vTWd3Wh2hnwRy;qXg`1GSr_sXV`MW%#mv`)n)DnaK(?Hd@?GgppL9d*pM z$~h!QzA7D8U2wTPMMd6xnD>m^=2K!BWr0-L5!5g7bLW++ZvJU9yhIdffM(r zbHd!x)6@0#fGtuqqf)QB`9~~Bv$~kOh}hl7Dlb;Etc!@OEaU-z$IKFw;3_Xx8FPy3 zWM@c^2DteS!Xw*1{#yM!nI0*%;SDIKMF(d_Ol&&uBL;hEr1-&lxFr()DN`wQ=>30E)F~~Ho#`?42U|J?V5X|BtCNVAZ z7e^@K<1+h<)_Q`qtV1P50$@823kVA=FIowYJ)zl+_2*|>nGJ3oHyQ@QMIUV0GVpe{ zNvL(fXqsPn{;rhj?EGBKrH#7ciLvvPNy)qP^fd>vx{c~(o+$K1^*&3Y7HoUNkb634 zCS`?D*OF~|dT|%)sJRc6bJQ5-Q5U;g9e^@l!MZ{K0Q(>BAz}ytv5$bi>+EL#SOXk2 zb!GZi0-@WxB3>lU?7>D8^9vwBJ-Rb=v|M*{r0*YUjJfMFFluI5?TJ~*+=Y)FnLf?1 z<7A5DIi1X*%0C-pxANBcw%(nnT%H+GHJZrXT;u7kL>9fjX%FIkXmqe`=r(J+^_w)* zl(In?L6)V6W?xxRcSs2NeIePW#vMTq>wKKNDpu~M%r1Ag<{V4+Ky&`sC{elbP-@M* znO4w2k7#tlk}tim2MHnnf$wBA`X3>kGMg<4GN#|kx^!=UM^L`+&YS|l{vGMc{1yqL%gpAj{c^T@OKO)n}u!36^rDRatB8RaJ^R;SlPcPq|h8Jw~AuMxVca5!>ndTo5e zUWHD~CBGs_&Zjrf8ptvM`MzXr2^f-^@12B z6KY0W;$j1xFL}}n4{A!R!tOnPaD0YeWk?<7~%|Gp>F6De3nkE+#c5#yu}n37m27?RJ(x%h(_O@F=bjVdA)RQmS|0>g+TzNvqFY5Bu>L zi1_yGRMEA}d1*rWV13W~2kDlYxfpHbfuUtkedKTABYZly1x zB_}VBNTj`w0!wUw1e+rt+s6P*C4C`wJj<~Rs?O_e@GbUu~e*@l{ zW^#MrmVHlbEJkDxmh3k3@iQ^9B4w}hBWC0X2H65OLH=CCVo3I2t-{B=0Kes`Uq#4b zN{&{8OUq_I&Z^&IBa1OPN>`?GC8=MD^XFm~b8^H9{}q2rpg(uC>8l@rwfEXzJNiPT zEN|>W`4N+Tbx4g_;>re_%~v3TyV`z49vmkgOw|2)9N%yVw~HU$XdD;TtNxQ)?(}@# s)tCE?+v$%Qm*bSi{G0RLf&I`ar;Qy@{LDZAK!o}6W>$6pvxEWQUmBO_wg3PC literal 0 HcmV?d00001 diff --git a/java/cspy/target/maven-archiver/pom.properties b/java/cspy/target/maven-archiver/pom.properties new file mode 100644 index 0000000..ad52b1b --- /dev/null +++ b/java/cspy/target/maven-archiver/pom.properties @@ -0,0 +1,4 @@ +#Created by Apache Maven 3.6.0 +version=1.0-SNAPSHOT +groupId=is.rud.cspy +artifactId=cspy diff --git a/java/cspy/target/maven-status/maven-compiler-plugin/compile/default-compile/createdFiles.lst b/java/cspy/target/maven-status/maven-compiler-plugin/compile/default-compile/createdFiles.lst new file mode 100644 index 0000000..351c3de --- /dev/null +++ b/java/cspy/target/maven-status/maven-compiler-plugin/compile/default-compile/createdFiles.lst @@ -0,0 +1 @@ +is/rud/crsspy/App.class diff --git a/java/cspy/target/maven-status/maven-compiler-plugin/compile/default-compile/inputFiles.lst b/java/cspy/target/maven-status/maven-compiler-plugin/compile/default-compile/inputFiles.lst new file mode 100644 index 0000000..fc616ea --- /dev/null +++ b/java/cspy/target/maven-status/maven-compiler-plugin/compile/default-compile/inputFiles.lst @@ -0,0 +1 @@ +/Users/bob/packages/cspy/java/cspy/src/main/java/is/rud/cspy/App.java diff --git a/java/cspy/target/maven-status/maven-compiler-plugin/testCompile/default-testCompile/createdFiles.lst b/java/cspy/target/maven-status/maven-compiler-plugin/testCompile/default-testCompile/createdFiles.lst new file mode 100644 index 0000000..e69de29 diff --git a/java/cspy/target/maven-status/maven-compiler-plugin/testCompile/default-testCompile/inputFiles.lst b/java/cspy/target/maven-status/maven-compiler-plugin/testCompile/default-testCompile/inputFiles.lst new file mode 100644 index 0000000..82d1c1a --- /dev/null +++ b/java/cspy/target/maven-status/maven-compiler-plugin/testCompile/default-testCompile/inputFiles.lst @@ -0,0 +1 @@ +/Users/bob/packages/cspy/java/cspy/src/test/java/is/rud/crsspy/AppTest.java diff --git a/java/cspy/target/surefire-reports/TEST-is.rud.crsspy.AppTest.xml b/java/cspy/target/surefire-reports/TEST-is.rud.crsspy.AppTest.xml new file mode 100644 index 0000000..3d75577 --- /dev/null +++ b/java/cspy/target/surefire-reports/TEST-is.rud.crsspy.AppTest.xml @@ -0,0 +1,65 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/java/cspy/target/surefire-reports/is.rud.crsspy.AppTest.txt b/java/cspy/target/surefire-reports/is.rud.crsspy.AppTest.txt new file mode 100644 index 0000000..53e9fc1 --- /dev/null +++ b/java/cspy/target/surefire-reports/is.rud.crsspy.AppTest.txt @@ -0,0 +1,4 @@ +------------------------------------------------------------------------------- +Test set: is.rud.crsspy.AppTest +------------------------------------------------------------------------------- +Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.047 s - in is.rud.crsspy.AppTest diff --git a/java/cspy/target/test-classes/is/rud/crsspy/AppTest.class b/java/cspy/target/test-classes/is/rud/crsspy/AppTest.class index 2768e41fdbdeebb5b69add2a5fa76664503379a8..a3cabb05e53abf3798a40543b8d89c30ee3dbbd6 100644 GIT binary patch delta 255 zcmZurO%B0e6r9(7ZTYnR>OVy6SdrKY3kR@~E?50ASIE8Z6ISHOVB%u^}_EG)Oy1qi2i2g1>;j#p|WK{ zgKi*aB9B5~6>LIs=^otX%3aT!gUQmH`oYsK5v04@d0T(D-Fw_oA2l4*phAQ_svhag z#}z~vbr7ROl+pZhja7^lvDP_dFmJQ^`Z{gMSyW{}fp4ed^;p2?<68$v4qb BAM5}C delta 273 zcmcb~e3Mz@)W2Q(7#J9g86?>mm>3yEGmG_$N>lWci;9a2D)k);3PMtgOV}A$CjJ+d zW3$Q3%Pg^DWMJ0N3}a+qan4Uk\%} +\alias{\%>\%} +\title{Pipe operator} +\usage{ +lhs \%>\% rhs +} +\description{ +See \code{magrittr::\link[magrittr]{\%>\%}} for details. +} +\keyword{internal} diff --git a/man/validate_csp.Rd b/man/validate_csp.Rd new file mode 100644 index 0000000..926682a --- /dev/null +++ b/man/validate_csp.Rd @@ -0,0 +1,19 @@ +% Generated by roxygen2: do not edit by hand +% Please edit documentation in R/csp-validate.R +\name{validate_csp} +\alias{validate_csp} +\title{Validate a CSP} +\usage{ +validate_csp(csp) +} +\arguments{ +\item{csp}{a \code{csp} object created with \code{\link[=fetch_csp]{fetch_csp()}} or \code{\link[=parse_csp]{parse_csp()}}} +} +\value{ +data frame +} +\description{ +Validates a content security policy. If policy problems are found +a data frame of information notes, warnings and errors is returned +with the specific locations of the issues in the original CSP string. +}