diff options
Diffstat (limited to 'guides/source')
-rw-r--r-- | guides/source/active_storage_overview.md | 2 | ||||
-rw-r--r-- | guides/source/configuring.md | 5 | ||||
-rw-r--r-- | guides/source/security.md | 5 |
3 files changed, 9 insertions, 3 deletions
diff --git a/guides/source/active_storage_overview.md b/guides/source/active_storage_overview.md index d9f5aa8385..97c56dfd93 100644 --- a/guides/source/active_storage_overview.md +++ b/guides/source/active_storage_overview.md @@ -175,7 +175,7 @@ google: Add the [`google-cloud-storage`](https://github.com/GoogleCloudPlatform/google-cloud-ruby/tree/master/google-cloud-storage) gem to your `Gemfile`: ```ruby -gem "google-cloud-storage", "~> 1.3", require: false +gem "google-cloud-storage", "~> 1.8", require: false ``` ### Mirror Service diff --git a/guides/source/configuring.md b/guides/source/configuring.md index 36c2fdb0b8..a0bf6046da 100644 --- a/guides/source/configuring.md +++ b/guides/source/configuring.md @@ -462,7 +462,10 @@ The schema dumper adds one additional configuration option: config.action_dispatch.default_headers = { 'X-Frame-Options' => 'SAMEORIGIN', 'X-XSS-Protection' => '1; mode=block', - 'X-Content-Type-Options' => 'nosniff' + 'X-Content-Type-Options' => 'nosniff', + 'X-Download-Options' => 'noopen', + 'X-Permitted-Cross-Domain-Policies' => 'none', + 'Referrer-Policy' => 'strict-origin-when-cross-origin' } ``` diff --git a/guides/source/security.md b/guides/source/security.md index ab5a5a7a31..de0b523057 100644 --- a/guides/source/security.md +++ b/guides/source/security.md @@ -1070,7 +1070,10 @@ Every HTTP response from your Rails application receives the following default s config.action_dispatch.default_headers = { 'X-Frame-Options' => 'SAMEORIGIN', 'X-XSS-Protection' => '1; mode=block', - 'X-Content-Type-Options' => 'nosniff' + 'X-Content-Type-Options' => 'nosniff', + 'X-Download-Options' => 'noopen', + 'X-Permitted-Cross-Domain-Policies' => 'none', + 'Referrer-Policy' => 'strict-origin-when-cross-origin' } ``` |