Am 06.02.2017 um 14:35 schrieb aberba:
On Friday, 3 February 2017 at 13:21:18 UTC, Sönke Ludwig wrote:
Am 03.02.2017 um 10:28 schrieb yazd:
[...]
Keeping the system overloads would break the safety guarantees at a
relatively deep level and would render the whole effort rather useless
(this is the case for non-scope callbacks only, so if you stumble over
a deprecated function with a scope callback, then it should be fixed).
[...]
How does vibed comply with
https://blog.appcanary.com/2017/http-security-headers.html
The headers currently have to be set manually (for example using
route.any("*", &addHeaders); as the first route). But for the high-level
vibe.web package I'm planning to let them be set automatically (with the
possibility to opt out), so that there is a safe default.
