Releases · github/secure_headers

15 Aug 02:30

v1.3.3

7d027ac

@agl just made a new option for HSTS representing confirmation that a site wants to be included in a browser's preload list (https://hstspreload.appspot.com).

This just adds a new 'preload' option to the HSTS settings to specify that option.

Assets 3

14 Aug 00:01

oreoshake

v1.3.2

f444e00

Add app tagging support

Tagging Requests

It's often valuable to send extra information in the report uri that is not available in the reports themselves. Namely, "was the policy enforced" and "where did the report come from"

{
  :tag_report_uri => true,
  :enforce => true,
  :app_name => 'twitter',
  :report_uri => 'csp_reports'
}

Results in

report-uri csp_reports?enforce=true&app_name=twitter

Assets 2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

Uh oh!

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

Uh oh!

Releases: github/secure_headers

hsts preload confirmation value support

Uh oh!

Add app tagging support

Uh oh!