e35ec69f90
Merge pull request #105 from spagalloco/x-download-options
...
X-Download-Options header support
2014-08-28 11:35:41 -07:00
7e6aae5431
X-Download-Options header support
2014-08-28 14:29:50 -04:00
ff4da2f22c
Merge pull request #106 from spagalloco/test-dependencies
...
remove ActiveRecord dependency from integration tests
2014-08-28 11:17:05 -07:00
76eb76fca3
remove ActiveRecord dependency from integration tests
2014-08-28 10:31:12 -04:00
7d027ac01b
bump and docs
2014-08-14 19:28:26 -07:00
3abf3f1d09
Merge pull request #104 from reedloden/preload
...
Add support for new HSTS 'preload' option
2014-08-14 19:25:55 -07:00
e69289bd35
Add support for new HSTS 'preload' option
...
@agl just made a new option for HSTS representing confirmation that a site
wants to be included in a browser's preload list
(https://hstspreload.appspot.com ).
2014-08-14 19:19:08 -07:00
58334a11da
Update README.md
2014-08-13 18:13:19 -07:00
f444e00f61
typo
2014-08-13 14:52:00 -07:00
bba215af04
docs and version bump
2014-08-13 14:50:25 -07:00
651ee71758
Merge pull request #102 from twitter/report_uri_tagging
...
add the ability to tag requests with report-only and app_name information
2014-08-13 14:45:36 -07:00
ea3f0a6188
add the ability to tag requests with report-only and app_name information
2014-08-12 17:26:33 -07:00
aa601ee960
docs and bump
2014-08-12 11:25:55 -07:00
448d5c1250
Merge pull request #100 from nealharris/neal-gracefully-parse-uris
...
same_origin? returns false for bad URIs
2014-08-11 16:43:12 -07:00
438065abf7
same_origin? returns false for bad URIs
2014-08-11 15:32:27 -07:00
b293b54fa0
docs and version bump (x2)
2014-08-08 18:45:25 -07:00
fab0f25285
Merge pull request #97 from twitter/enforce_lambda
...
Two bug fixes: lambda support for more config values and propegating the default-src value to img-src in one case
2014-08-08 17:51:18 -07:00
85b923c310
Merge branch 'master' into enforce_lambda
...
Conflicts:
fixtures/rails_3_2_12/spec/controllers/other_things_controller_spec.rb
lib/secure_headers/headers/content_security_policy.rb
2014-08-08 15:09:50 -07:00
325867fea9
Merge pull request #98 from twitter/nonce
...
Add standard CSP level 2 nonce
2014-08-08 15:02:58 -07:00
106fded12c
add backwards-compatibility layer for nonces
2014-08-08 08:56:02 -07:00
1c74f6b1e7
only set the nonce if actually used.
2014-08-08 08:40:14 -07:00
9aa07185dc
no need to ||=
2014-08-07 21:21:55 -07:00
46b14c773c
Add standard CSP level 2 nonce
2014-08-07 21:12:04 -07:00
1b6172a65e
Merge pull request #99 from twitter/fix_187
...
goodbye spork and simplecov, tired of you
2014-08-07 21:11:23 -07:00
9908ae6fa1
goodbye spork and simplecov, tired of you
2014-08-07 20:17:25 -07:00
619ff5e6f2
lol ruby: elsif -> else
2014-08-07 16:44:03 -07:00
6f125459d1
goodbye spork and simplecov, tired of you
2014-08-07 14:43:45 -07:00
957bef2787
fix tests from fake apps
2014-08-07 13:58:19 -07:00
b53d321ae7
some cleanup
2014-08-07 13:57:08 -07:00
156c32a1fb
Support lambdas for config values (other than experimental and http_additions)
2014-08-07 13:41:13 -07:00
4cc77d532f
Merge pull request #93 from dariocravero/master
...
Implemented Padrino hook in a more Padrino way
2014-06-23 12:45:12 -07:00
7c481b3314
Implemented Padrino hook in a more Padrino way by setting up a register
...
hook and hinting that the configuration should be moved towards
`before_load` in `config/boot.rb`
2014-06-21 00:05:49 +01:00
e51350485e
Merge pull request #92 from twitter/procs
...
Proc support for config values
2014-06-13 14:32:28 -07:00
a5a65257ae
don't modify the hash in place
2014-06-11 11:55:58 -07:00
d531dc427d
drop pry
2014-06-09 15:39:22 -07:00
689e8d3bbf
fixture test cleanup
2014-06-09 15:33:51 -07:00
cdf88d0195
add proc support
2014-06-09 14:51:27 -07:00
2fd8a5b344
remove spork
2014-06-09 14:20:48 -07:00
a3ec021da8
rvmrc change
2014-06-09 14:12:36 -07:00
0a18cc75ff
remove nonces
2014-06-09 13:48:40 -07:00
637bdecf4b
rspec3 syntax fixes
2014-06-09 13:47:33 -07:00
00592cd4a1
Merge pull request #89 from loganhasson/master
...
Convert specs to RSpec 2.14.8 syntax with transpec
VERR NICE HAI FIVE
2014-05-15 19:40:29 -07:00
4d01bfd5c9
Convert specs to RSpec 2.14.8 syntax with transpec
...
This conversion is done by Transpec 1.13.1 with the following command:
transpec
* 75 conversions
from: obj.should
to: expect(obj).to
* 54 conversions
from: == expected
to: eq(expected)
* 14 conversions
from: obj.stub(:message)
to: allow(obj).to receive(:message)
* 13 conversions
from: lambda { }.should
to: expect { }.to
* 10 conversions
from: lambda { }.should_not
to: expect { }.not_to
* 8 conversions
from: =~ /pattern/
to: match(/pattern/)
* 8 conversions
from: obj.should_receive(:message)
to: expect(obj).to receive(:message)
* 5 conversions
from: obj.should_not_receive(:message)
to: expect(obj).not_to receive(:message)
* 3 conversions
from: obj.should_not
to: expect(obj).not_to
* 1 conversion
from: Klass.any_instance.stub(:message)
to: allow_any_instance_of(Klass).to receive(:message)
2014-05-15 22:09:22 -04:00
339515d2ee
Merge pull request #87 from wyattanderson/patch-1
...
Link to repository root in README, not files in the tree
2014-03-26 10:18:31 -07:00
db6483d9cb
Link to repository root, not files in the tree
...
These links were pointed, somewhat confusingly, at files in the repository
instead of the repositories themselves.
2014-03-26 11:03:03 -04:00
208f3c99a0
Update README.md
2014-03-12 08:13:01 -07:00
893b9caddf
Update README.md
...
Fix example referenced in https://github.com/twitter/secureheaders/pull/86/files
2014-03-11 17:51:14 -07:00
af281b6c04
Merge pull request #83 from salimane/pr_ruby_2_1_0
...
Add Ruby 2.0.0, 2.1.0 to .travis.yml
2013-12-28 01:06:12 -08:00
08cc137c03
Add Ruby 2.0.0, 2.1.0 to .travis.yml
2013-12-28 09:42:40 +01:00
ead9993ef2
docs, bump
2013-12-18 15:49:06 -08:00
Neil Matatall
Steve Agalloco
Reed Loden
Chris Aniszczyk
Neil Matatall
Neal Harris
Darío Javier Cravero
Logan Hasson
Wyatt Anderson
Salimane Adjao Moustapha