Upgrade version and docs to 7.0 (#528)
## All PRs: * [x] Has tests * [x] Documentation updated ## Adding a new header N/A ## Adding a new CSP directive N/A Closes https://github.com/github/secure_headers/issues/480
This commit is contained in:
Родитель
6b5eb3304d
Коммит
bac6daea11
|
@ -0,0 +1,12 @@
|
||||||
|
## X-Xss-Protection is set to 0 by default
|
||||||
|
|
||||||
|
Version 6 and below of `secure_headers` set the `X-Xss-Protection` to `1; mode=block` by default. This was done to protect against reflected XSS attacks. However, this header is no longer recommended (see https://github.com/github/secure_headers/issues/439 for more information).
|
||||||
|
|
||||||
|
If any functionality in your app depended on this header being set to the previous value, you will need to set it explicitly in your configuration.
|
||||||
|
|
||||||
|
```ruby
|
||||||
|
# config/initializers/secure_headers.rb
|
||||||
|
SecureHeaders::Configuration.default do |config|
|
||||||
|
config.x_xss_protection = "1; mode=block"
|
||||||
|
end
|
||||||
|
```
|
|
@ -1,5 +1,5 @@
|
||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
|
|
||||||
module SecureHeaders
|
module SecureHeaders
|
||||||
VERSION = "6.5.0"
|
VERSION = "7.0.0"
|
||||||
end
|
end
|
||||||
|
|
|
@ -13,7 +13,7 @@ Gem::Specification.new do |gem|
|
||||||
gem.description = 'Add easily configured security headers to responses
|
gem.description = 'Add easily configured security headers to responses
|
||||||
including content-security-policy, x-frame-options,
|
including content-security-policy, x-frame-options,
|
||||||
strict-transport-security, etc.'
|
strict-transport-security, etc.'
|
||||||
gem.homepage = "https://github.com/twitter/secureheaders"
|
gem.homepage = "https://github.com/github/secure_headers"
|
||||||
gem.license = "MIT"
|
gem.license = "MIT"
|
||||||
gem.files = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
|
gem.files = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
|
||||||
gem.executables = gem.files.grep(%r{^bin/}).map { |f| File.basename(f) }
|
gem.executables = gem.files.grep(%r{^bin/}).map { |f| File.basename(f) }
|
||||||
|
|
Загрузка…
Ссылка в новой задаче