Secure Headers
On the site since 09 December 2022, 02:53
The gem will automatically apply several security-related headers. These include:
Content Security Policy (CSP) - Helps detect/prevent XSS, mixed-content, and other classes of attack
HTTP Strict Transport Security (HSTS)
X-Frame-Options (XFO)
X-XSS-Protection
X-Content-Type-Options
X-Download-Options
X-Permitted-Cross-Domain-Policies
Referrer-Policy
Expect-CT
Clear-Site-Data