-
Notifications
You must be signed in to change notification settings - Fork 253
Issues: github/secure_headers
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
SecureHeaders middleware erases all cookies in Rack 3 due to \n joining
#514
opened Apr 22, 2024 by
collinsauve
content_security_policy_nonce
calls Rails method so CSP does not contain nonce
#511
opened Sep 20, 2023 by
jdudley1123
nonced tag helpers including nonce directive in csp has potential to break applications
#470
opened Mar 23, 2021 by
pcasaretto
Guide for transitioning from secure_headers to vanilla rails csp
#466
opened Feb 12, 2021 by
oreoshake
Add simple static configuration option for bypassing application of all security headers
#450
opened Dec 15, 2020 by
h0jeZvgoxFepBQ2C
Validation on plugin-types does not allow for the empty directive
#448
opened Oct 23, 2020 by
oreoshake
Confirm feature parity with secure_headers <=> rails vanilla
#394
opened Jul 19, 2018 by
oreoshake
4 tasks
Remove logic that modifies policies in unexpected ways?
question
#385
opened Jan 24, 2018 by
oreoshake
CSP sources are incorrectly removed when both wildcards and schemes are present
#376
opened Nov 29, 2017 by
tessereth
Handle setting multiple headers of the same name (by using a comma-separate list)
enhancement
feature
#323
opened Apr 12, 2017 by
oreoshake
ProTip!
Exclude everything labeled
bug
with -label:bug.