SecureHeaders changelog

Manages application of security headers with many safe defaults

All Versions

73

Latest Version

Avg Release Cycle

55 days

Latest Release

-

Changelog History

Page 8

v1.3.4 Changes
October 13, 2014
- ➕ Adds X-Download-Options support
- ➕ Adds support for X-XSS-Protection reporting
- 🚅 Defers loading of rails engine for faster boot times
v1.3.3 Changes
August 15, 2014
💻 @agl just made a new option for HSTS representing confirmation that a site wants to be included in a browser's preload list (https://hstspreload.appspot.com).

This just adds a new 'preload' option to the HSTS settings to specify that option.
v1.3.2 Changes
August 14, 2014
🏷 Tagging Requests

It's often valuable to send extra information in the report uri that is not available in the reports themselves. Namely, "was the policy enforced" and "where did the report come from"
```
{
  :tag_report_uri => true,
  :enforce => true,
  :app_name => 'twitter',
  :report_uri => 'csp_reports'
}
```
Results in
```
report-uri csp_reports?enforce=true&app_name=twitter
```

Awesome Ruby is part of the LibHunt network. Terms. Privacy Policy.