Feature #9117

Update to secure_headers 3.x

Added by Dominic Cleal about 2 years ago. Updated 7 months ago.

Status:Closed
Priority:Normal
Assigned To:Tomer Brisker
Category:Rails
Target version:Team Daniel - iteration 2
Difficulty: Bugzilla link:
Found in release: Pull request:https://github.com/theforeman/foreman/pull/3756
Story points-
Velocity based estimate-
Release1.14.0Release relationshipAuto

Description

secure_headers 2.x is out. I haven't really worked out what the difference between 1.x and 2.x is though, since the changelog's been removed.


Related issues

Related to Foreman - Bug #16566: secure headers should allow inline images in css Closed 09/15/2016
Related to Foreman - Bug #17084: Webpack dev server missing from CSP on "Welcome" pages Closed 10/25/2016

Associated revisions

Revision 5a368d81
Added by Tomer Brisker 7 months ago

Fixes #9117 - Upgrade secure_headers to version 3.4

Any plugin that makes changes to secure headers may need to be updated
to correctly handle this upgrade, as there have been some breaking
changes to the secure_headers api.

Revision 15f0c7c3
Added by Dominic Cleal 7 months ago

refs #9117 - update secure_headers to 3.4

History

#1 Updated by Dominic Cleal 10 months ago

  • Subject changed from Update to secure_headers 2.x to Update to secure_headers 3.x

#2 Updated by Tomer Brisker 7 months ago

  • Status changed from New to Assigned
  • Assigned To set to Tomer Brisker

#3 Updated by The Foreman Bot 7 months ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/3756 added

#4 Updated by Tomer Brisker 7 months ago

  • Target version set to Team Daniel - iteration 2

#5 Updated by Anonymous 7 months ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#6 Updated by Dominic Cleal 7 months ago

  • Release set to 1.14.0

#7 Updated by Tomer Brisker 6 months ago

  • Related to Bug #16566: secure headers should allow inline images in css added

#8 Updated by Dominic Cleal 5 months ago

  • Related to Bug #17084: Webpack dev server missing from CSP on "Welcome" pages added

Also available in: Atom PDF