All Versions
73
Latest Version
Avg Release Cycle
55 days
Latest Release
-

Changelog History
Page 2

  • v6.1 Changes

    ➕ Adds support for navigate-to, prefetch-src, and require-sri-for #395

    🚚 NOTE: this version is a breaking change due to the removal of HPKP. Remove the HPKP config, the standard is dead. Apologies for not doing a proper deprecate/major rev cycle :pray:

  • v6.0 Changes

    • ⬆️ See the [upgrading to 6.0](docs/upgrading-to-6-0.md) guide for the breaking changes.
  • v5.2.0

    January 21, 2020
  • v5.1.0

    January 21, 2020
  • v5.0.5 Changes

    • 🚀 A release to deprecate SecureHeaders::Configuration#get in prep for 6.x
  • v5.0.4 Changes

    • 💅 Adds support for nonced_stylesheet_pack_tag #373 (@paulfri)
  • v5.0.3 Changes

    • ➕ Add nonced versions of Rails link/include tags #372 (@steveh)
  • v5.0.2 Changes

    • ⚡️ Updates Referrer-Policy header to support multiple policy values
  • v5.0.1 Changes

    • ⚡️ Updates Expect-CT header to use a comma separator between directives, as specified in the most current spec.
  • v5.0.0 Changes

    ⬆️ Well this is a little embarassing. 4.0 was supposed to set the secure/httponly/samesite=lax attributes on cookies by default but it didn't. Now it does. - See the [upgrading to 5.0](docs/upgrading-to-5-0.md) guide.