github/secure_headers issues and pull requests

#548 - Bump ruby/setup-ruby from 1.207.0 to 1.221.0

Pull Request - State: open - Opened by dependabot[bot] 2 days ago
Labels: dependencies

#547 - Bump ruby/setup-ruby from 1.207.0 to 1.218.0

Pull Request - State: closed - Opened by dependabot[bot] 9 days ago - 1 comment
Labels: dependencies

#546 - fix: Fix typos

Pull Request - State: open - Opened by myersg86 14 days ago

#545 - "Configuration already exists" error

Issue - State: open - Opened by owen2345 14 days ago

#544 - Bump ruby/setup-ruby from 1.207.0 to 1.215.0

Pull Request - State: closed - Opened by dependabot[bot] 16 days ago - 1 comment
Labels: dependencies

#543 - Bump ruby/setup-ruby from 1.207.0 to 1.214.0

Pull Request - State: closed - Opened by dependabot[bot] 23 days ago - 1 comment
Labels: dependencies

#542 - Bump ruby/setup-ruby from 1.207.0 to 1.213.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies

#541 - Lowercase header issue: SecureHeaders::OPT_OUT Fails to Remove Non-Lowercase Headers in Rails Default Config

Issue - State: open - Opened by GabDesilets about 1 month ago

#540 - Bump ruby/setup-ruby from 1.204.0 to 1.207.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies

#539 - Bump ruby/setup-ruby from 1.204.0 to 1.206.0

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies

#538 - Bump ruby/setup-ruby from 1.203.0 to 1.204.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies

#537 - Bump ruby/setup-ruby from 1.202.0 to 1.203.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies

#536 - Cleanup Repository files and Gem build

Pull Request - State: closed - Opened by rzhade3 2 months ago

#535 - Bump ruby/setup-ruby from 1.197.0 to 1.202.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies

#534 - Bump ruby/setup-ruby from 1.197.0 to 1.199.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies

#533 - Lowercase headers

Pull Request - State: closed - Opened by arashnd 4 months ago - 2 comments

#532 - Set default `frame-ancestors` on default Content-Security-Policy

Issue - State: open - Opened by rzhade3 4 months ago - 2 comments

#531 - Remove non necessary files from bundled Ruby Gem

Issue - State: closed - Opened by rzhade3 4 months ago - 1 comment
Labels: good first issue

#530 - Bump ruby/setup-ruby from 1.196.0 to 1.197.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies

#529 - Add report-to CSP directive

Pull Request - State: open - Opened by loremotta33 4 months ago - 4 comments

#528 - Upgrade version and docs to 7.0

Pull Request - State: closed - Opened by rzhade3 4 months ago

#527 - Bump ruby/setup-ruby from 1.195.0 to 1.196.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies

#526 - Bump ruby/setup-ruby from 1.190.0 to 1.195.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies

#525 - Bump ruby/setup-ruby from 1.190.0 to 1.194.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies

#524 - Bump ruby/setup-ruby from 1.190.0 to 1.193.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies

#523 - Bump ruby/setup-ruby from 1.190.0 to 1.192.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies

#522 - Bump ruby/setup-ruby from 1.190.0 to 1.191.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies

#521 - [Housekeeping] Add permissions to build workflow and pin ruby

Pull Request - State: closed - Opened by vcsjones 6 months ago

#520 - Update build.yml

Pull Request - State: closed - Opened by boveus 6 months ago

#516 - fix: Avoid throwing cookie headers when encountering an empty cookie-av

Pull Request - State: closed - Opened by MrLukeSmith 7 months ago - 1 comment

#514 - SecureHeaders middleware erases all cookies in Rack 3 due to \n joining

Issue - State: open - Opened by collinsauve 10 months ago - 1 comment

#513 - RubyGems doesn't have latest version of this gem

Issue - State: closed - Opened by zmariscal over 1 year ago - 3 comments

#512 - CSP Report-uri deprecated, replaced by report-to

Issue - State: open - Opened by martindaehn23 over 1 year ago

#511 - `content_security_policy_nonce` calls Rails method so CSP does not contain nonce

Issue - State: open - Opened by jdudley1123 over 1 year ago - 2 comments

#510 - Bump actions/checkout from 3 to 4

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies

#509 - deprecate block-all-mixed-content

Pull Request - State: closed - Opened by KyFaSt over 1 year ago

#508 - test issue

Issue - State: closed - Opened by KyFaSt over 1 year ago

#507 - test issue

Issue - State: closed - Opened by KyFaSt over 1 year ago

#506 - Make SecureSecurityPolicyConfig significantly faster

Pull Request - State: closed - Opened by jhawthorn almost 2 years ago

#505 - How can I disable 'unsafe-inline' from script-src?

Issue - State: closed - Opened by josemateuss almost 2 years ago - 1 comment

#504 - Adds Ruby 3.2 to the CI matrix

Pull Request - State: closed - Opened by petergoldstein about 2 years ago - 1 comment

#503 - jekyll integration

Issue - State: closed - Opened by LeoWebSEO over 2 years ago - 3 comments

#502 - Update `.ruby-version` to `3.1.1`

Pull Request - State: closed - Opened by lgarron over 2 years ago

#501 - v6.5.0

Pull Request - State: closed - Opened by lgarron over 2 years ago

#500 - CI changes: run on push, drop Ruby 2.5

Pull Request - State: closed - Opened by lgarron over 2 years ago

#499 - Remove source expression deduplication.

Pull Request - State: closed - Opened by lgarron over 2 years ago

#498 - Semantically parse and deduplicate source expressions

Pull Request - State: closed - Opened by lgarron over 2 years ago - 3 comments

#497 - Semantically parse source expressions.

Pull Request - State: closed - Opened by lgarron over 2 years ago

#496 - Set license code in metadata to MIT

Pull Request - State: closed - Opened by ekohl over 2 years ago

#495 - Trusted types: Use single-quoted `'script'`.

Pull Request - State: closed - Opened by lgarron over 2 years ago

#494 - update version and changelog

Pull Request - State: closed - Opened by KyFaSt over 2 years ago

#493 - Use SPDX license code and swap summary & description

Pull Request - State: closed - Opened by ekohl over 2 years ago

#492 - Installation instructions unclear

Issue - State: closed - Opened by TravisSpangle over 2 years ago - 1 comment

#491 - URI::InvalidURIError: Invalid data URI

Issue - State: closed - Opened by istana over 2 years ago - 1 comment

#490 - fix source dedup breaking with port wildcards

Pull Request - State: closed - Opened by machisuji over 2 years ago - 7 comments

#489 - Add Ruby 3.1 to the CI configuration

Pull Request - State: closed - Opened by petergoldstein over 2 years ago - 1 comment

#488 - Add Dependabot for GitHub Actions

Pull Request - State: closed - Opened by petergoldstein over 2 years ago - 2 comments

#487 - Update changelog and version for v6.3.4.

Pull Request - State: closed - Opened by lgarron over 2 years ago

#486 - Add trusted-types and require-trusted-types-for CSP Directive

Pull Request - State: closed - Opened by KyFaSt over 2 years ago

#485 - Add tests for hash generation

Pull Request - State: open - Opened by rahearn over 2 years ago

#484 - Handle different schemes in dedup logic

Pull Request - State: closed - Opened by srt32 over 2 years ago - 1 comment

#483 - Update README.md

Pull Request - State: closed - Opened by akashhansda almost 3 years ago

#482 - Set `default-src` CSP Attribute to `none` by default

Issue - State: open - Opened by rzhade3 almost 3 years ago - 1 comment

#481 - Update README.md

Pull Request - State: closed - Opened by akashhansda almost 3 years ago

#480 - Major Version 7.0.0

Issue - State: closed - Opened by JackMc almost 3 years ago - 1 comment

#479 - Update default X-XSS-Protection value to 0

Pull Request - State: closed - Opened by rzhade3 almost 3 years ago - 2 comments

#478 - do not dedupe alternate schema source expresions

Pull Request - State: closed - Opened by keithamus almost 3 years ago - 5 comments

#477 - normalize domains with trailing slashes

Pull Request - State: open - Opened by keithamus almost 3 years ago - 1 comment

#476 - Support CSP "double policies"

Issue - State: open - Opened by rohansharma about 3 years ago

#475 - Add global config for nonce (and hash) application

Pull Request - State: closed - Opened by pcasaretto about 3 years ago - 3 comments

#474 - Add require-trusted-types-for to CSP

Issue - State: closed - Opened by dorianmariefr about 3 years ago - 3 comments

#473 - Why is CSP in report only mode blocking requests?

Issue - State: closed - Opened by VikasKumar190 over 3 years ago - 3 comments

#472 - Fix hash generation for indented helper methods

Pull Request - State: closed - Opened by rahearn over 3 years ago - 3 comments

#471 - Add support for CSP level 3

Issue - State: closed - Opened by ankitagrawal0x90 over 3 years ago - 3 comments

#470 - nonced tag helpers including nonce directive in csp has potential to break applications

Issue - State: open - Opened by pcasaretto almost 4 years ago - 17 comments

#469 - Incorrect Version as latest release

Issue - State: closed - Opened by ibexcrm-dev almost 4 years ago - 1 comment

#468 - Update ruby build scripts and bump test matrix versions

Pull Request - State: closed - Opened by oreoshake almost 4 years ago

#467 - Fix ClearSiteData example

Pull Request - State: closed - Opened by sapientpants almost 4 years ago

#466 - Guide for transitioning from secure_headers to vanilla rails csp

Issue - State: open - Opened by oreoshake about 4 years ago - 3 comments

#465 - Add missing CSP version 3 directives

Pull Request - State: closed - Opened by ggalmazor about 4 years ago - 7 comments

#464 - modify lists in place instead of returning new objects

Pull Request - State: closed - Opened by oreoshake about 4 years ago

#463 - use un-rolled method for duplciating configs instead of serializing to and from hash

Pull Request - State: closed - Opened by oreoshake about 4 years ago - 1 comment

#462 - [micro-optimization] use regexp.match instead of =~

Pull Request - State: closed - Opened by oreoshake about 4 years ago

#461 - Don't reference the request object until after the application stack has run

Pull Request - State: closed - Opened by oreoshake about 4 years ago

#460 - Add ability to cache default header set

Pull Request - State: closed - Opened by oreoshake about 4 years ago - 1 comment

#459 - Setting SameSite cookie attribute conditionally

Issue - State: closed - Opened by arashb31 about 4 years ago - 4 comments

#452 - Add disable_minification option to CSP config to bypass any post-processing of config data

Pull Request - State: closed - Opened by oreoshake about 4 years ago - 3 comments

#451 - Deadlink in readme file in this repo to https://github.com/sourceclear/headlines which does not exist - Status code [404:NotFound]

Pull Request - State: closed - Opened by MrCull about 4 years ago

GitHub / github/secure_headers issues and pull requests