All Versions
73
Latest Version
Avg Release Cycle
55 days
Latest Release
-
Changelog History
Page 2
Changelog History
Page 2
-
v6.1 Changes
โ Adds support for navigate-to, prefetch-src, and require-sri-for #395
๐ NOTE: this version is a breaking change due to the removal of HPKP. Remove the HPKP config, the standard is dead. Apologies for not doing a proper deprecate/major rev cycle :pray:
-
v6.0 Changes
- โฌ๏ธ See the [upgrading to 6.0](docs/upgrading-to-6-0.md) guide for the breaking changes.
-
v5.2.0
January 21, 2020 -
v5.1.0
January 21, 2020 -
v5.0.5 Changes
- ๐ A release to deprecate
SecureHeaders::Configuration#get
in prep for 6.x
- ๐ A release to deprecate
-
v5.0.4 Changes
- ๐
Adds support for
nonced_stylesheet_pack_tag
#373 (@paulfri)
- ๐
Adds support for
-
v5.0.3 Changes
- โ Add nonced versions of Rails link/include tags #372 (@steveh)
-
v5.0.2 Changes
- โก๏ธ Updates
Referrer-Policy
header to support multiple policy values
- โก๏ธ Updates
-
v5.0.1 Changes
- โก๏ธ Updates
Expect-CT
header to use a comma separator between directives, as specified in the most current spec.
- โก๏ธ Updates
-
v5.0.0 Changes
โฌ๏ธ Well this is a little embarassing. 4.0 was supposed to set the secure/httponly/samesite=lax attributes on cookies by default but it didn't. Now it does. - See the [upgrading to 5.0](docs/upgrading-to-5-0.md) guide.