mirrors
/
rails
mirror of https://github.com/rails/rails
8
0
Fork 0
Code Issues Projects Releases Wiki Activity

Document what the new default_headers will be [ci skip]

This commit is contained in:
Rafael Mendonça França 2022-01-06 15:40:38 +00:00
parent 9188b49883
commit e0c29df00d
No known key found for this signature in database
GPG Key ID: FC23B6D0F1EEE948
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
guides/source/configuring.md
View File

@ -939,7 +939,6 @@ config.action_dispatch.default_headers = {
'X-Frame-Options' => 'SAMEORIGIN',
'X-XSS-Protection' => '1; mode=block',
'X-Content-Type-Options' => 'nosniff',
'X-Download-Options' => 'noopen',
'X-Permitted-Cross-Domain-Policies' => 'none',
'Referrer-Policy' => 'strict-origin-when-cross-origin'
}
@ -1763,6 +1762,16 @@ Accepts a string for the HTML tag used to wrap attachments. Defaults to `"action
#### For '7.1', defaults from previous versions below and:
- `config.action_dispatch.default_headers`:
{
"X-Frame-Options" => "SAMEORIGIN",
"X-XSS-Protection" => "0",
"X-Content-Type-Options" => "nosniff",
"X-Permitted-Cross-Domain-Policies" => "none",
"Referrer-Policy" => "strict-origin-when-cross-origin"
}
#### For '7.0', defaults from previous versions below and: