authorAaron Patterson <aaron.patterson@gmail.com>2012-08-09 13:38:29 -0700
committerAaron Patterson <aaron.patterson@gmail.com>2012-08-09 13:38:29 -0700
commit6794e92b204572d75a07bd6413bdae6ae22d5a82 (patch)
treedfec13e94add6c7c181cda11b13f56a4b7e1baf1 /railties
parent6a3d4695f043031b73b1f5bc218fbeeae9fff771 (diff)
parent98c18d0058a01e47f3acb10b3a105d79bd1597bf (diff)
Merge pull request #7302 from homakov/default_headers
Introduce default_headers. closes #6311 #6515
Diffstat (limited to 'railties')
-rw-r--r--railties/lib/rails/generators/rails/app/templates/config/application.rb5
1 files changed, 5 insertions, 0 deletions
diff --git a/railties/lib/rails/generators/rails/app/templates/config/application.rb b/railties/lib/rails/generators/rails/app/templates/config/application.rb
index 1ee90e88f2..f20dd78031 100644
--- a/railties/lib/rails/generators/rails/app/templates/config/application.rb
+++ b/railties/lib/rails/generators/rails/app/templates/config/application.rb
@@ -41,6 +41,11 @@ module <%= app_const_base %>
# Configure sensitive parameters which will be filtered from the log file.
config.filter_parameters += [:password]
+ config.action_dispatch.default_headers = {
+ 'X-Frame-Options' => 'SAMEORIGIN',
+ 'X-XSS-Protection' => '1; mode=block'
+ }
+
# Use SQL instead of Active Record's schema dumper when creating the database.
# This is necessary if your schema can't be completely dumped by the schema dumper,
# like if you have constraints or database-specific column types.
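Review bot: The added `config.action_dispatch.default_headers` hash is the only setting in this stretch of the template with no explanatory comment, so someone editing a generated application.rb gets no hint of what protection is lost if an entry is removed. I would put a line above it such as `# Headers sent with every response: X-Frame-Options restricts framing to the same origin (clickjacking), X-XSS-Protection turns on the browser's XSS filter in block mode.` The comment could also say that a page which legitimately needs to be framed by another origin should override the header for that response rather than delete it here. It may also be worth adding `'X-Content-Type-Options' => 'nosniff'` to the hash so new apps opt out of MIME sniffing by default. The enclosing application class starts and ends outside the hunk.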