Permalink
Browse files

Add 'X-Frame-Options' => 'SAMEORIGIN' and 'X-XSS-Protection' => '1; m…

…ode=block' CHANGELOG entry
  • Loading branch information...
1 parent 5a0372f commit 0b11dbe2fe6d640d0cbaec9a2d2886fb384a8c5b @spastorino spastorino committed Aug 10, 2012
Showing with 6 additions and 0 deletions.
  1. +6 −0 actionpack/CHANGELOG.md
View
@@ -1,5 +1,11 @@
## Rails 4.0.0 (unreleased) ##
+* Add 'X-Frame-Options' => 'SAMEORIGIN' and
+ 'X-XSS-Protection' => '1; mode=block'
+ as default headers.
+
+ *Egor Homakov*
+
* Allow data attributes to be set as a first-level option for form_for, so you can write `form_for @record, data: { behavior: 'autosave' }` instead of `form_for @record, html: { data: { behavior: 'autosave' } }` *DHH*
* Deprecate `button_to_function` and `link_to_function` helpers.

0 comments on commit 0b11dbe

Please sign in to comment.