@@ -62,11 +62,11 @@ NOTE: this version is a breaking change due to the removal of HPKP. Remove the H
6262
6363## 5.0.2
6464
65- - Updates ` referrer-policy ` header to support multiple policy values
65+ - Updates ` Referrer-Policy ` header to support multiple policy values
6666
6767## 5.0.1
6868
69- - Updates ` expect-ct ` header to use a comma separator between directives, as specified in the most current spec.
69+ - Updates ` Expect-CT ` header to use a comma separator between directives, as specified in the most current spec.
7070
7171## 5.0.0
7272
@@ -90,7 +90,7 @@ Fix support for the sandbox attribute of CSP. `true` and `[]` represent the maxi
9090
9191## 3.7.0
9292
93- Adds support for the ` expect-ct ` header (@jacobbednarz : https://github.com/twitter/secureheaders/pull/322 )
93+ Adds support for the ` Expect-CT ` header (@jacobbednarz : https://github.com/twitter/secureheaders/pull/322 )
9494
9595## 3.6.7
9696
@@ -335,7 +335,7 @@ console.log(1)
335335` ` `
336336
337337```
338- content-security-policy : ...
338+ Content-Security-Policy : ...
339339 script-src 'sha256-yktKiAsZWmc8WpOyhnmhQoDf9G2dAZvuBBC+V0LGQhg=' ... ;
340340 style-src 'sha256-SLp6LO3rrKDJwsG9uJUxZapb4Wp2Zhj6Bu3l+d9rnAY=' 'sha256-HSGHqlRoKmHAGTAJ2Rq0piXX4CnEbOl1ArNd6ejp2TE=' ...;
341341```
@@ -552,15 +552,15 @@ Fixes an issue where view helpers (for nonces, hashes, etc) weren't available in
552552
553553This release contains support for more csp level 2 features such as the new directives, the script hash integration, and more.
554554
555- It also sets a new header by default: ` x-permitted-cross-domain-policies `
555+ It also sets a new header by default: ` X-Permitted-Cross-Domain-Policies `
556556
557557Support for hpkp is not included in this release as the implementations are still very unstable.
558558
559559:rocket :
560560
561- ## v.2.0.0.pre2 - 2014-12-06 01:55:42 UTC - Adds x-permitted-cross-domain-policies support by default
561+ ## v.2.0.0.pre2 - 2014-12-06 01:55:42 UTC - Adds X-Permitted-Cross-Domain-Policies support by default
562562
563- The only change between this and the first pre release is that the x-permitted-cross-domain-policies support is included.
563+ The only change between this and the first pre release is that the X-Permitted-Cross-Domain-Policies support is included.
564564
565565## v1.4.0 - 2014-12-06 01:54:48 UTC - Deprecate features in preparation for 2.0
566566
@@ -572,7 +572,7 @@ This release is intended to be ready for CSP level 2. Mainly, this means there i
572572
573573## v1.3.4 - 2014-10-13 22:05:44 UTC -
574574
575- * Adds x-download-options support
575+ * Adds X-Download-Options support
576576* Adds support for X-XSS-Protection reporting
577577* Defers loading of rails engine for faster boot times
578578
@@ -598,4 +598,4 @@ It's often valuable to send extra information in the report uri that is not avai
598598Results in
599599```
600600report-uri csp_reports?enforce=true&app_name=twitter
601- ```
601+ ```
0 commit comments