SecureHeaders v3.1.1 Release Notes
-
👀 See https://github.com/twitter/secureheaders/pull/235
➕
idempotent_additions?
would return false when comparingOPT_OUT
withOPT_OUT
, causingheader_hash_for
to return a header cache with{ nil => nil }
which cause the middleware to blow up when{ nil => nil }
was merged into the rack header hash.This is a regression in 3.1.0 only.
Now it returns true. I've added a test case to ensure that
header_hash_for
will never return such an element.