All Versions
73
Latest Version
Avg Release Cycle
55 days
Latest Release
-

Changelog History
Page 2

  • v6.1 Changes

    โž• Adds support for navigate-to, prefetch-src, and require-sri-for #395

    ๐Ÿšš NOTE: this version is a breaking change due to the removal of HPKP. Remove the HPKP config, the standard is dead. Apologies for not doing a proper deprecate/major rev cycle :pray:

  • v6.0 Changes

    • โฌ†๏ธ See the [upgrading to 6.0](docs/upgrading-to-6-0.md) guide for the breaking changes.
  • v5.2.0

    January 21, 2020
  • v5.1.0

    January 21, 2020
  • v5.0.5 Changes

    • ๐Ÿš€ A release to deprecate SecureHeaders::Configuration#get in prep for 6.x
  • v5.0.4 Changes

    • ๐Ÿ’… Adds support for nonced_stylesheet_pack_tag #373 (@paulfri)
  • v5.0.3 Changes

    • โž• Add nonced versions of Rails link/include tags #372 (@steveh)
  • v5.0.2 Changes

    • โšก๏ธ Updates Referrer-Policy header to support multiple policy values
  • v5.0.1 Changes

    • โšก๏ธ Updates Expect-CT header to use a comma separator between directives, as specified in the most current spec.
  • v5.0.0 Changes

    โฌ†๏ธ Well this is a little embarassing. 4.0 was supposed to set the secure/httponly/samesite=lax attributes on cookies by default but it didn't. Now it does. - See the [upgrading to 5.0](docs/upgrading-to-5-0.md) guide.