Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Confirm feature parity with secure_headers <=> rails vanilla #394

Open
4 tasks
oreoshake opened this issue Jul 19, 2018 · 2 comments
Open
4 tasks

Confirm feature parity with secure_headers <=> rails vanilla #394

oreoshake opened this issue Jul 19, 2018 · 2 comments

Comments

@oreoshake
Copy link
Contributor

A discussion in #275 was about ensuring that rails gets support for feature policy and how it would require an API similar to the CSP API. It made me think we should evaluate current features and open issues to see what we'd also like to see in rails.

  • Compile a list
  • Review it
  • open PRs/issues
  • 🍨

I'd like to deprecate and/or transfer ownership of this library eventually 😄
@jacobbednarz
Copy link
Contributor

It looks like Rails has most of them by default now that CSP has landed however I think the ability to override these on a per controller basis is missing (CSP is overridable via the global method).

@jasiekmiko jasiekmiko mentioned this issue Nov 8, 2018
Merged
@oreoshake
Copy link
Contributor Author

Note to self: I have a harness that makes the transition easier. It includes some ideas around improving the rails API. GitHub was able to (potentially) make the move with one shim and a couple helpers.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jacobbednarz @oreoshake