@@ -1089,6 +1089,112 @@ Here is a list of common headers:
***Access-Control-Allow-Origin:** Used to control which sites are allowed to bypass same origin policies and send cross-origin requests.
***Strict-Transport-Security:**[Used to control if the browser is allowed to only access a site over a secure connection](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security)
### Content Security Policy
Rails provides a DSL that allows you to configure a
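Review bot: The Strict-Transport-Security bullet directly above the new "### Content Security Policy" heading reads ambiguously and is formatted differently from the Access-Control-Allow-Origin bullet before it. "Used to control if the browser is allowed to only access a site over a secure connection" suggests the header grants a permission, whereas it instructs the browser to use only secure connections for the site. Something like "Tells the browser to access the site only over a secure connection" would be clearer. The bullet also has no space between the bold label and the link, wraps the whole description in the link rather than a short anchor, and lacks the closing period the previous bullet has. Separately, as shown the new heading follows the list with no blank line between them. A blank line before "### Content Security Policy" keeps Markdown renderers from treating it as part of the last list item.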