| route-pattern | /_view_fragments/voltron/pull_requests/show/:user_id/:repository/:id/pull_request_layout(.:format) |
| route-controller | voltron_pull_requests_fragments |
| route-action | pull_request_layout |
| fetch-nonce | v2:1b2dbec0-01b9-33d1-d3a6-9d7805957573 |
| current-catalog-service-hash | ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b |
| request-id | EA9C:1659BC:15544E:1D9E20:69720DCE |
| html-safe-nonce | 290a483fbb2dc55f25cce2753523a540f559cd05944637348cd89307a2c6c647 |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJFQTlDOjE2NTlCQzoxNTU0NEU6MUQ5RTIwOjY5NzIwRENFIiwidmlzaXRvcl9pZCI6IjczNDkzNzEzMzA4NDQ4MjI5OTAiLCJyZWdpb25fZWRnZSI6ImlhZCIsInJlZ2lvbl9yZW5kZXIiOiJpYWQifQ== |
| visitor-hmac | 06c6eb3cb8671e8c5bac0668b53cbdb978bf377bf53a3625767b1f281e4e4bbc |
| hovercard-subject-tag | pull_request:3111525925 |
| github-keyboard-shortcuts | repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | ///voltron/pull_requests_fragments/pull_request_layout |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/_view_fragments/voltron/pull_requests/show/github/secure_headers/571/pull_request_layout |
| twitter:image | https://opengraph.githubassets.com/566bc1ae37aafbd9f4eddc90f5da1f3e4f8911c292334b2104e186adc5d59ed5/github/secure_headers/pull/571 |
| twitter:card | summary_large_image |
| og:image | https://opengraph.githubassets.com/566bc1ae37aafbd9f4eddc90f5da1f3e4f8911c292334b2104e186adc5d59ed5/github/secure_headers/pull/571 |
| og:image:alt | Third-party gems (e.g., GoodJob) call content_security_policy_nonce without parameters, expecting Rails' default behavior. SecureHeaders required an explicit :script or :style parameter, causin... |
| og:image:width | 1200 |
| og:image:height | 600 |
| og:site_name | GitHub |
| og:type | object |
| og:author:username | Copilot |
| hostname | github.com |
| expected-hostname | github.com |
| None | 453de246939b1e04d711e109432e2df10933270413df93b7a8f8f1df8dda7f18 |
| turbo-cache-control | no-preview |
| go-import | github.com/github/secure_headers git https://github.com/github/secure_headers.git |
| octolytics-dimension-user_id | 9919 |
| octolytics-dimension-user_login | github |
| octolytics-dimension-repository_id | 7122663 |
| octolytics-dimension-repository_nwo | github/secure_headers |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | false |
| octolytics-dimension-repository_network_root_id | 7122663 |
| octolytics-dimension-repository_network_root_nwo | github/secure_headers |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | false |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | 12756e5bdb9000be815bbf20a1acc7935638e596 |
| ui-target | full |
| theme-color | #1e2327 |
| color-scheme | light dark |
| Skip to content | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571#start-of-content |
|
| https://patch-diff.githubusercontent.com/ |
|
Sign in
| https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2Fgithub%2Fsecure_headers%2Fpull%2F571 |
| GitHub CopilotWrite better code with AI | https://github.com/features/copilot |
| GitHub SparkBuild and deploy intelligent apps | https://github.com/features/spark |
| GitHub ModelsManage and compare prompts | https://github.com/features/models |
| MCP RegistryNewIntegrate external tools | https://github.com/mcp |
| ActionsAutomate any workflow | https://github.com/features/actions |
| CodespacesInstant dev environments | https://github.com/features/codespaces |
| IssuesPlan and track work | https://github.com/features/issues |
| Code ReviewManage code changes | https://github.com/features/code-review |
| GitHub Advanced SecurityFind and fix vulnerabilities | https://github.com/security/advanced-security |
| Code securitySecure your code as you build | https://github.com/security/advanced-security/code-security |
| Secret protectionStop leaks before they start | https://github.com/security/advanced-security/secret-protection |
| Why GitHub | https://github.com/why-github |
| Documentation | https://docs.github.com |
| Blog | https://github.blog |
| Changelog | https://github.blog/changelog |
| Marketplace | https://github.com/marketplace |
| View all features | https://github.com/features |
| Enterprises | https://github.com/enterprise |
| Small and medium teams | https://github.com/team |
| Startups | https://github.com/enterprise/startups |
| Nonprofits | https://github.com/solutions/industry/nonprofits |
| App Modernization | https://github.com/solutions/use-case/app-modernization |
| DevSecOps | https://github.com/solutions/use-case/devsecops |
| DevOps | https://github.com/solutions/use-case/devops |
| CI/CD | https://github.com/solutions/use-case/ci-cd |
| View all use cases | https://github.com/solutions/use-case |
| Healthcare | https://github.com/solutions/industry/healthcare |
| Financial services | https://github.com/solutions/industry/financial-services |
| Manufacturing | https://github.com/solutions/industry/manufacturing |
| Government | https://github.com/solutions/industry/government |
| View all industries | https://github.com/solutions/industry |
| View all solutions | https://github.com/solutions |
| AI | https://github.com/resources/articles?topic=ai |
| Software Development | https://github.com/resources/articles?topic=software-development |
| DevOps | https://github.com/resources/articles?topic=devops |
| Security | https://github.com/resources/articles?topic=security |
| View all topics | https://github.com/resources/articles |
| Customer stories | https://github.com/customer-stories |
| Events & webinars | https://github.com/resources/events |
| Ebooks & reports | https://github.com/resources/whitepapers |
| Business insights | https://github.com/solutions/executive-insights |
| GitHub Skills | https://skills.github.com |
| Documentation | https://docs.github.com |
| Customer support | https://support.github.com |
| Community forum | https://github.com/orgs/community/discussions |
| Trust center | https://github.com/trust-center |
| Partners | https://github.com/partners |
| GitHub SponsorsFund open source developers | https://github.com/sponsors |
| Security Lab | https://securitylab.github.com |
| Maintainer Community | https://maintainers.github.com |
| Accelerator | https://github.com/accelerator |
| Archive Program | https://archiveprogram.github.com |
| Topics | https://github.com/topics |
| Trending | https://github.com/trending |
| Collections | https://github.com/collections |
| Enterprise platformAI-powered developer platform | https://github.com/enterprise |
| GitHub Advanced SecurityEnterprise-grade security features | https://github.com/security/advanced-security |
| Copilot for BusinessEnterprise-grade AI features | https://github.com/features/copilot/copilot-business |
| Premium SupportEnterprise-grade 24/7 support | https://github.com/premium-support |
| Pricing | https://github.com/pricing |
| Search syntax tips | https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax |
| documentation | https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax |
|
Sign in
| https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2Fgithub%2Fsecure_headers%2Fpull%2F571 |
|
Sign up
| https://patch-diff.githubusercontent.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fvoltron%2Fpull_requests_fragments%2Fpull_request_layout&source=header-repo&source_repo=github%2Fsecure_headers |
| Reload | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571 |
| Reload | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571 |
| Reload | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571 |
|
github
| https://patch-diff.githubusercontent.com/github |
| secure_headers | https://patch-diff.githubusercontent.com/github/secure_headers |
|
Notifications
| https://patch-diff.githubusercontent.com/login?return_to=%2Fgithub%2Fsecure_headers |
|
Fork
253
| https://patch-diff.githubusercontent.com/login?return_to=%2Fgithub%2Fsecure_headers |
|
Star
3.3k
| https://patch-diff.githubusercontent.com/login?return_to=%2Fgithub%2Fsecure_headers |
|
Code
| https://patch-diff.githubusercontent.com/github/secure_headers |
|
Issues
14
| https://patch-diff.githubusercontent.com/github/secure_headers/issues |
|
Pull requests
7
| https://patch-diff.githubusercontent.com/github/secure_headers/pulls |
|
Actions
| https://patch-diff.githubusercontent.com/github/secure_headers/actions |
|
Projects
0
| https://patch-diff.githubusercontent.com/github/secure_headers/projects |
|
Models
| https://patch-diff.githubusercontent.com/github/secure_headers/models |
|
Security
Uh oh!
There was an error while loading. Please reload this page.
| https://patch-diff.githubusercontent.com/github/secure_headers/security |
| Please reload this page | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571 |
|
Insights
| https://patch-diff.githubusercontent.com/github/secure_headers/pulse |
|
Code
| https://patch-diff.githubusercontent.com/github/secure_headers |
|
Issues
| https://patch-diff.githubusercontent.com/github/secure_headers/issues |
|
Pull requests
| https://patch-diff.githubusercontent.com/github/secure_headers/pulls |
|
Actions
| https://patch-diff.githubusercontent.com/github/secure_headers/actions |
|
Projects
| https://patch-diff.githubusercontent.com/github/secure_headers/projects |
|
Models
| https://patch-diff.githubusercontent.com/github/secure_headers/models |
|
Security
| https://patch-diff.githubusercontent.com/github/secure_headers/security |
|
Insights
| https://patch-diff.githubusercontent.com/github/secure_headers/pulse |
| Sign up for GitHub
| https://patch-diff.githubusercontent.com/signup?return_to=%2Fgithub%2Fsecure_headers%2Fissues%2Fnew%2Fchoose |
| terms of service | https://docs.github.com/terms |
| privacy statement | https://docs.github.com/privacy |
| Sign in | https://patch-diff.githubusercontent.com/login?return_to=%2Fgithub%2Fsecure_headers%2Fissues%2Fnew%2Fchoose |
| Jump to bottom | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571#issue-comment-box |
| Copilot | https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
| feature-7.2 | https://patch-diff.githubusercontent.com/github/secure_headers/tree/feature-7.2 |
| copilot/fix-csp-nonce-issue | https://patch-diff.githubusercontent.com/github/secure_headers/tree/copilot/fix-csp-nonce-issue |
|
Add default parameter to content_security_policy_nonce for Rails compatibility
| https://patch-diff.githubusercontent.com/github/secure_headers/pull/571#top |
| Copilot | https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
| feature-7.2 | https://patch-diff.githubusercontent.com/github/secure_headers/tree/feature-7.2 |
| copilot/fix-csp-nonce-issue | https://patch-diff.githubusercontent.com/github/secure_headers/tree/copilot/fix-csp-nonce-issue |
|
Conversation
1
| https://patch-diff.githubusercontent.com/github/secure_headers/pull/571 |
|
Commits
5
| https://patch-diff.githubusercontent.com/github/secure_headers/pull/571/commits |
|
Checks
15
| https://patch-diff.githubusercontent.com/github/secure_headers/pull/571/checks |
|
Files changed
| https://patch-diff.githubusercontent.com/github/secure_headers/pull/571/files |
| Please reload this page | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571 |
| https://github.co/hiddenchars |
| https://patch-diff.githubusercontent.com/github/secure_headers/pull/{{ revealButtonHref }} |
|
| https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
| Copilot | https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
| Dec 17, 2025 | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571#issue-3740619642 |
| Please reload this page | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571 |
| Actions setup steps | https://gh.io/copilot/actions-setup-steps |
| Copilot coding agent settings | https://github.com/github/secure_headers/settings/copilot/coding_agent |
| link to code | https://github.com/bensheldon/good_job/blob/c71c3b338326bc14fb0ec58eaf70f6ee66c20c02/app/views/layouts/good_job/application.html.erb#L14 |
| Method conflicting content_security_policy_nonce with Rails 5.2 #392 | https://github.com/github/secure_headers/issues/392 |
| Avoid calling content_security_policy_nonce internally #389 | https://github.com/github/secure_headers/pull/389 |
| @copilot | https://gh.io/copilot-coding-agent-docs |
| content_security_policy_nonce calls Rails method so CSP does not contain nonce #511 | https://github.com/github/secure_headers/issues/511 |
| 2 minute survey | https://gh.io/copilot-coding-agent-survey |
| Please reload this page | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571 |
|
| https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
| Copilot | https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
| Copilot | https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
| fletchto99 | https://patch-diff.githubusercontent.com/fletchto99 |
| Dec 17, 2025 | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571#event-21628281132 |
| started work | https://github.com/copilot/tasks/pull/PR_kwDOAGyu5865dh4l?session_id=2641830a-9abd-4505-8518-8619b7ac5401 |
| fletchto99 | https://patch-diff.githubusercontent.com/fletchto99 |
| December 17, 2025 21:46 | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571#event-21628288540 |
|
View session
| https://github.com/copilot/tasks/pull/PR_kwDOAGyu5865dh4l?session_id=2641830a-9abd-4505-8518-8619b7ac5401 |
|
| https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
| Copilot | https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
| Dec 17, 2025 | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571#event-21628638196 |
|
| https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
| Copilot | https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
| fletchto99 | https://patch-diff.githubusercontent.com/fletchto99 |
| December 17, 2025 22:05 | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571#event-21628640873 |
| finished work | https://github.com/copilot/tasks/pull/PR_kwDOAGyu5865dh4l?session_id=2641830a-9abd-4505-8518-8619b7ac5401 |
| fletchto99 | https://patch-diff.githubusercontent.com/fletchto99 |
| December 17, 2025 22:05 | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571#event-21628640957 |
| Copilot | https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
| December 17, 2025 16:40 | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571#commits-pushed-5932e97 |
|
| https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
|
| https://patch-diff.githubusercontent.com/fletchto99 |
| Initial plan | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571/commits/5932e9750c03faec00307622c23e4422fe163746 |
| 5932e97 | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571/commits/5932e9750c03faec00307622c23e4422fe163746 |
|
| https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
|
| https://patch-diff.githubusercontent.com/fletchto99 |
| Fix content_security_policy_nonce to work without parameters for Rail… | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571/commits/9b8201a79ee63d5a065e9ddb3cf6a2fb3d4dee31 |
| 9b8201a | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571/commits/9b8201a79ee63d5a065e9ddb3cf6a2fb3d4dee31 |
|
| https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
|
| https://patch-diff.githubusercontent.com/fletchto99 |
| Fix rubocop trailing whitespace issues | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571/commits/3ba2401ab83586f2999b34dd50905270bff50a87 |
| 3ba2401 | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571/commits/3ba2401ab83586f2999b34dd50905270bff50a87 |
|
| https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
|
| https://patch-diff.githubusercontent.com/fletchto99 |
| Address code review feedback: remove unnecessary begin blocks | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571/commits/b6fb70367b7d920c1db7d2c4b991a67a55d37f66 |
| b6fb703 | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571/commits/b6fb70367b7d920c1db7d2c4b991a67a55d37f66 |
|
| https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
|
| https://patch-diff.githubusercontent.com/fletchto99 |
| Improve documentation clarity based on code review feedback | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571/commits/bd6196a3291d0a367bb651896191bf7c3791f67c |
| bd6196a | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571/commits/bd6196a3291d0a367bb651896191bf7c3791f67c |
| https://patch-diff.githubusercontent.com/fletchto99 |
| fletchto99 | https://patch-diff.githubusercontent.com/fletchto99 |
| force-pushed | https://patch-diff.githubusercontent.com/github/secure_headers/compare/6182fac5927eb9e6ece2d2dfdd8b3123065f23ab..bd6196a3291d0a367bb651896191bf7c3791f67c |
| 6182fac | https://patch-diff.githubusercontent.com/github/secure_headers/commit/6182fac5927eb9e6ece2d2dfdd8b3123065f23ab |
| bd6196a | https://patch-diff.githubusercontent.com/github/secure_headers/commit/bd6196a3291d0a367bb651896191bf7c3791f67c |
|
Compare
| https://patch-diff.githubusercontent.com/github/secure_headers/compare/6182fac5927eb9e6ece2d2dfdd8b3123065f23ab..bd6196a3291d0a367bb651896191bf7c3791f67c |
| December 17, 2025 23:40 | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571#event-21629774409 |
| https://patch-diff.githubusercontent.com/fletchto99 |
| fletchto99 | https://patch-diff.githubusercontent.com/fletchto99 |
| December 17, 2025 23:40 | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571#event-21629778158 |
| https://patch-diff.githubusercontent.com/fletchto99 |
| fletchto99 | https://patch-diff.githubusercontent.com/fletchto99 |
| force-pushed | https://patch-diff.githubusercontent.com/github/secure_headers/compare/6ac6e720d4d4534cc4fcc9c4016e876659ee0c2a..e5f347e642b0b0b6cdea2534322822cc1b1d76be |
| 6ac6e72 | https://patch-diff.githubusercontent.com/github/secure_headers/commit/6ac6e720d4d4534cc4fcc9c4016e876659ee0c2a |
| e5f347e | https://patch-diff.githubusercontent.com/github/secure_headers/commit/e5f347e642b0b0b6cdea2534322822cc1b1d76be |
|
Compare
| https://patch-diff.githubusercontent.com/github/secure_headers/compare/6ac6e720d4d4534cc4fcc9c4016e876659ee0c2a..e5f347e642b0b0b6cdea2534322822cc1b1d76be |
| December 19, 2025 20:08 | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571#event-21677725217 |
| https://patch-diff.githubusercontent.com/rei-moo |
| rei-moo | https://patch-diff.githubusercontent.com/rei-moo |
| Dec 19, 2025 | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571#issuecomment-3676622462 |
| Please reload this page | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571 |
| initializer / activesupport hook | https://github.com/github/secure_headers/blob/main/lib/secure_headers/railtie.rb#L21 |
| Please reload this page | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571 |
| Sign up for free | https://patch-diff.githubusercontent.com/join?source=comment-repo |
| Sign in to comment | https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2Fgithub%2Fsecure_headers%2Fpull%2F571 |
|
| https://patch-diff.githubusercontent.com/fletchto99 |
|
fletchto99
| https://patch-diff.githubusercontent.com/fletchto99 |
|
| https://patch-diff.githubusercontent.com/fletchto99 |
|
fletchto99
| https://patch-diff.githubusercontent.com/fletchto99 |
|
Copilot code review
| https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
|
Copilot
| https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
|
content_security_policy_nonce calls Rails method so CSP does not contain nonce
| https://github.com/github/secure_headers/issues/511 |
| Please reload this page | https://patch-diff.githubusercontent.com/github/secure_headers/pull/571 |
|
| https://patch-diff.githubusercontent.com/apps/copilot-swe-agent |
|
| https://patch-diff.githubusercontent.com/rei-moo |
|
| https://patch-diff.githubusercontent.com/fletchto99 |
|
| https://github.com |
| Terms | https://docs.github.com/site-policy/github-terms/github-terms-of-service |
| Privacy | https://docs.github.com/site-policy/privacy-policies/github-privacy-statement |
| Security | https://github.com/security |
| Status | https://www.githubstatus.com/ |
| Community | https://github.community/ |
| Docs | https://docs.github.com/ |
| Contact | https://support.github.com?tags=dotcom-footer |