alphabetize and rubocop lint

KyFaSt · rei-moo · commit 46e742b36035 · 2025-12-12T18:53:47.000Z
diff --git a/lib/secure_headers/headers/policy_management.rb b/lib/secure_headers/headers/policy_management.rb
@@ -131,11 +131,11 @@ def self.included(base)
       NAVIGATE_TO               => :source_list,
       OBJECT_SRC                => :source_list,
       PLUGIN_TYPES              => :media_type_list,
+      PREFETCH_SRC              => :source_list,
+      REPORT_TO                 => :report_to_endpoint,
+      REPORT_URI                => :source_list,
       REQUIRE_SRI_FOR           => :require_sri_for_list,
       REQUIRE_TRUSTED_TYPES_FOR => :require_trusted_types_for_list,
-      REPORT_URI                => :source_list,
-      REPORT_TO                 => :report_to_endpoint,
-      PREFETCH_SRC              => :source_list,
       SANDBOX                   => :sandbox_list,
       SCRIPT_SRC                => :source_list,
       SCRIPT_SRC_ELEM           => :source_list,
@@ -161,8 +161,8 @@ def self.included(base)
       FORM_ACTION,
       FRAME_ANCESTORS,
       NAVIGATE_TO,
-      REPORT_URI,
       REPORT_TO,
+      REPORT_URI,
     ]
 
     FETCH_SOURCES = ALL_DIRECTIVES - NON_FETCH_SOURCES - NON_SOURCE_LIST_SOURCES
diff --git a/spec/lib/secure_headers/headers/content_security_policy_spec.rb b/spec/lib/secure_headers/headers/content_security_policy_spec.rb
@@ -212,30 +212,29 @@ module SecureHeaders
       end
 
       it "supports report-to directive with endpoint name" do
-        csp = ContentSecurityPolicy.new({default_src: %w('self'), report_to: "csp-endpoint"})
+        csp = ContentSecurityPolicy.new({ default_src: %w('self'), report_to: "csp-endpoint" })
         expect(csp.value).to eq("default-src 'self'; report-to csp-endpoint")
       end
 
       it "includes report-to before report-uri in alphabetical order" do
-        csp = ContentSecurityPolicy.new({default_src: %w('self'), report_uri: %w(/csp_report), report_to: "csp-endpoint"})
+        csp = ContentSecurityPolicy.new({ default_src: %w('self'), report_uri: %w(/csp_report), report_to: "csp-endpoint" })
         expect(csp.value).to eq("default-src 'self'; report-to csp-endpoint; report-uri /csp_report")
       end
 
       it "does not add report-to if the endpoint name is empty" do
-        csp = ContentSecurityPolicy.new({default_src: %w('self'), report_to: ""})
+        csp = ContentSecurityPolicy.new({ default_src: %w('self'), report_to: "" })
         expect(csp.value).to eq("default-src 'self'")
       end
 
       it "does not add report-to if not provided" do
-        csp = ContentSecurityPolicy.new({default_src: %w('self')})
+        csp = ContentSecurityPolicy.new({ default_src: %w('self') })
         expect(csp.value).not_to include("report-to")
       end
 
       it "supports report-to without report-uri" do
-        csp = ContentSecurityPolicy.new({default_src: %w('self'), report_to: "reporting-endpoint-name"})
+        csp = ContentSecurityPolicy.new({ default_src: %w('self'), report_to: "reporting-endpoint-name" })
         expect(csp.value).to eq("default-src 'self'; report-to reporting-endpoint-name")
       end
     end
   end
 end
-
diff --git a/spec/lib/secure_headers_spec.rb b/spec/lib/secure_headers_spec.rb
@@ -670,4 +670,3 @@ module SecureHeaders
     end
   end
 end
-

-Original file line number
+Diff line change
     end
   end
 end
+-