3 files changed, 9 insertions, 3 deletions

diff --git a/guides/source/active_storage_overview.md b/guides/source/active_storage_overview.md
index d9f5aa8385..97c56dfd93 100644
--- a/guides/source/active_storage_overview.md
+++ b/guides/source/active_storage_overview.md
@@ -175,7 +175,7 @@ google:
 Add the [`google-cloud-storage`](https://github.com/GoogleCloudPlatform/google-cloud-ruby/tree/master/google-cloud-storage) gem to your `Gemfile`:
 
 ```ruby
-gem "google-cloud-storage", "~> 1.3", require: false
+gem "google-cloud-storage", "~> 1.8", require: false
 ```
 
 ### Mirror Service
diff --git a/guides/source/configuring.md b/guides/source/configuring.md
index 36c2fdb0b8..a0bf6046da 100644
--- a/guides/source/configuring.md
+++ b/guides/source/configuring.md
@@ -462,7 +462,10 @@ The schema dumper adds one additional configuration option:
     config.action_dispatch.default_headers = {
       'X-Frame-Options' => 'SAMEORIGIN',
       'X-XSS-Protection' => '1; mode=block',
-      'X-Content-Type-Options' => 'nosniff'
+      'X-Content-Type-Options' => 'nosniff',
+      'X-Download-Options' => 'noopen',
+      'X-Permitted-Cross-Domain-Policies' => 'none',
+      'Referrer-Policy' => 'strict-origin-when-cross-origin'
     }
     ```
 
diff --git a/guides/source/security.md b/guides/source/security.md
index ab5a5a7a31..de0b523057 100644
--- a/guides/source/security.md
+++ b/guides/source/security.md
@@ -1070,7 +1070,10 @@ Every HTTP response from your Rails application receives the following default s
 config.action_dispatch.default_headers = {
   'X-Frame-Options' => 'SAMEORIGIN',
   'X-XSS-Protection' => '1; mode=block',
-  'X-Content-Type-Options' => 'nosniff'
+  'X-Content-Type-Options' => 'nosniff',
+  'X-Download-Options' => 'noopen',
+  'X-Permitted-Cross-Domain-Policies' => 'none',
+  'Referrer-Policy' => 'strict-origin-when-cross-origin'
 }
 ```