All Versions
73
Latest Version
Avg Release Cycle
55 days
Latest Release
-
Changelog History
Page 2
Changelog History
Page 2
-
v6.1 Changes
➕ Adds support for navigate-to, prefetch-src, and require-sri-for #395
🚚 NOTE: this version is a breaking change due to the removal of HPKP. Remove the HPKP config, the standard is dead. Apologies for not doing a proper deprecate/major rev cycle :pray:
-
v6.0 Changes
- ⬆️ See the [upgrading to 6.0](docs/upgrading-to-6-0.md) guide for the breaking changes.
-
v5.2.0
January 21, 2020 -
v5.1.0
January 21, 2020 -
v5.0.5 Changes
- 🚀 A release to deprecate
SecureHeaders::Configuration#get
in prep for 6.x
- 🚀 A release to deprecate
-
v5.0.4 Changes
- 💅 Adds support for
nonced_stylesheet_pack_tag
#373 (@paulfri)
- 💅 Adds support for
-
v5.0.3 Changes
- ➕ Add nonced versions of Rails link/include tags #372 (@steveh)
-
v5.0.2 Changes
- ⚡️ Updates
Referrer-Policy
header to support multiple policy values
- ⚡️ Updates
-
v5.0.1 Changes
- ⚡️ Updates
Expect-CT
header to use a comma separator between directives, as specified in the most current spec.
- ⚡️ Updates
-
v5.0.0 Changes
⬆️ Well this is a little embarassing. 4.0 was supposed to set the secure/httponly/samesite=lax attributes on cookies by default but it didn't. Now it does. - See the [upgrading to 5.0](docs/upgrading-to-5-0.md) guide.