-
Elixir 1.5.1. When I attempt to compile with secure_headers 0.0.1 added to my project's dependencies, I get this error:
```
== Compilation error in file lib/headers/x_xss_protection.ex ==
** (Argu…
-
### What is the problem?
I just generated a stub app and tried `blitz install` for secureheaders.
After this step:
![image](https://github.com/user-attachments/assets/502bcb97-52bf-4db1-a7de-…
-
Hello,
i would like to suggest to add Permissions-Policy as an option to`SecureHeaders GatewayFilter`,
so that it's part of existing security component and easy to apply when sensible.
Motivat…
-
# Bugs
SecureHeaders is not compatible with this change from [Rack 3](https://github.com/rack/rack/blob/main/UPGRADE-GUIDE.md#multiple-response-header-values-are-encoded-using-an-array) as SH uses …
-
Please don't monkey patch, a better way to add a nonce for twitter/secureheaders is by using the `content_security_policy_nonce(:script)` helper. I advise a documentation update.
-
Personally, I'd like to chain my settings, so instead of this:
```php
// init SecureHeaders
$headers = new SecureHeaders;
$headers->auto();
$headers->hsts();
$headers->csp([
'default-sr…
-
A warning should be raised if secure_headers are not used.
https://github.com/twitter/secureheaders
-
The suggestion first appeared in https://github.com/aidantwoods/SecureHeaders/pull/69#issuecomment-355736880 .
Choose license - and attach license file to the repository.
-
Is there a way to enable this gem in an initializer completely?
F.e. we host our app for different customers, but due to various reasons we want to upgrade manually.
So I would like to enable se…
-
In using the `@sonikjs/cloudflare-pages`, I noticed that static assets would not be served correctly if I created a new instance of Hono in my route, for purposes of adding additional middleware. This…