Secure Headers
On the site since December 09, 2022 02:53
The gem automatically applies several security-related headers. These include:
Content Security Policy (CSP) - Helps detect/prevent XSS, mixed-content, and other classes of attack
HTTP Strict Transport Security (HSTS)
X-Frame-Options (XFO)
X-XSS-Protection
X-Content-Type-Options
X-Download-Options
X-Permitted-Cross-Domain-Policies
Referrer-Policy
Expect-CT
Clear-Site-Data