Releases: github/secure_headers
Releases · github/secure_headers
v7.1.0
v7.0.0
Increase performance of SecureSecurityPolicyConfig
What's Changed
- Make SecureSecurityPolicyConfig significantly faster by @jhawthorn in #506
- Note: If you are accessing values on SecureSecurityPolicyConfig as ivars, you will need to change this to hash access.
New Contributors
- @jhawthorn made their first contribution in #506
Full Changelog: v6.6.0...v6.7.0
v6.6.0
- CSP: Removed deprecated header
block-all-mixed-content
and replaced it with a recommendation to use the already supportedupgrade-insecure-requests
instead.
v6.5.0
v6.5.0 (#501) Release notes: - CSP: Remove source expression deduplication. (@lgarron) https://github.com/github/secure_headers/pull/499
v6.4.0
v6.3.4
- CSP: Do not deduplicate alternate schema source expressions (@keithamus): #478
https://github.com/github/secure_headers/blob/v6.3.4/CHANGELOG.md
v6.3.3
v6.3.2
Release notes:
- Add support for style-src-attr, style-src-elem, script-src-attr, and script-src-elem directives (@ggalmazor)
For more details, see https://github.com/github/secure_headers/blob/v6.3.2/CHANGELOG.md
v6.3.1
Release notes:
- Fixes deprecation warnings when running under ruby 2.7
For more details, see https://github.com/github/secure_headers/blob/v6.3.1/CHANGELOG.md