Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade secure_headers gem #2062

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

willbarrett
Copy link
Contributor

No description provided.

@sethherr
Copy link
Member

The test that is broken is important, we need to be able to provide iframes off of our current domain.

I think there might be some CORs stuff that is important too.

Also FYI - this is one of the few places where I'm not confident about our test coverage, because of differences in between production and development, and this will warrant some click testing before and after shipping.

@willbarrett
Copy link
Contributor Author

Yes, it also appears that the basic usage of secure_headers has changed since the version that's currently in use - so, this will require re-implementation in order to support the upgrade. Usage seems consistent between the target version and most recent, so the right way forward here is likely to upgrade to most recent, add the missing test coverage, and re-implement, maybe not necessarily in that order.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants