Initial secure_headers config after some testing.

author: Connor Shea <connor.james.shea@gmail.com> 2016-06-17 15:03:30 -0600
committer: Connor Shea <connor.james.shea@gmail.com> 2016-07-18 11:43:35 -0600
commit: cc0d15a8869e25eb02b5e829e24ae3933419760f (patch)
tree: 4108e99cc7a20be7bdc01dea36f9b4d3e2dc4865
parent: c367fa8eb773a049ffdfe4735d42254ed808fef2 (diff)
download: gitlab-ce-cc0d15a8869e25eb02b5e829e24ae3933419760f.tar.gz
2 files changed, 7 insertions, 0 deletions
diff --git a/Gemfile b/Gemfile
index 81e8ff60ad5..fbd899ccf09 100644
--- a/Gemfile
+++ b/Gemfile
@@ -349,3 +349,6 @@ gem 'health_check', '~> 2.1.0'
 # System information
 gem 'vmstat', '~> 2.1.0'
 gem 'sys-filesystem', '~> 1.1.6'
+
+# Secure headers for Content Security Policy
+gem 'secure_headers', '~> 3.3'
diff --git a/Gemfile.lock b/Gemfile.lock
index 0987fd5665a..ace9f103b58 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -645,6 +645,8 @@ GEM
     sdoc (0.3.20)
       json (>= 1.1.3)
       rdoc (~> 3.10)
+    secure_headers (3.3.2)
+      useragent
     seed-fu (2.3.6)
       activerecord (>= 3.1)
       activesupport (>= 3.1)
@@ -767,6 +769,7 @@ GEM
       get_process_mem (~> 0)
       unicorn (>= 4, < 6)
     uniform_notifier (1.9.0)
+    useragent (0.16.7)
     uuid (2.3.8)
       macaddr (~> 1.0)
     version_sorter (2.0.0)
@@ -944,6 +947,7 @@ DEPENDENCIES
   sass-rails (~> 5.0.0)
   scss_lint (~> 0.47.0)
   sdoc (~> 0.3.20)
+  secure_headers (~> 3.3)
   seed-fu (~> 2.3.5)
   select2-rails (~> 3.5.9)
   sentry-raven (~> 1.1.0)
author	Connor Shea <connor.james.shea@gmail.com>	2016-06-17 15:03:30 -0600
committer	Connor Shea <connor.james.shea@gmail.com>	2016-07-18 11:43:35 -0600
commit	cc0d15a8869e25eb02b5e829e24ae3933419760f (patch)
tree	4108e99cc7a20be7bdc01dea36f9b4d3e2dc4865
parent	c367fa8eb773a049ffdfe4735d42254ed808fef2 (diff)
download	gitlab-ce-cc0d15a8869e25eb02b5e829e24ae3933419760f.tar.gz