0.1.0 introduced a serious regression in which child controllers overwrote parent controller config values
Bug fix. Firefox doesn't seem to like the default-src directive, reverting back to 'allow'
- Gem is renamed to secure_headers. This will make bundler happy. github#26
- ability to apply two headers, one in enforce mode, one in "experimental" mode github#11
- Rails 3.0 support github#28
- Fix issue where settings in application_controller were ignored if no intializer was supplied github#25
- Better support for other frameworks, including docs from @achui, @bmaland
- Rails 4 routes support from @jviney github#13
- data: automatically whitelisted for img-src
- Doc updates from @ming13, @theverything, @dcollazo