Open
Description
In my app, I use the secure_headers gem, which takes care of all the issues reported by the Owasp Ror Cheatsheet Security Related Headers. It would be great if dawnscanner could check these two things:
- That the secure_headers gem is present in the app's Gemfile.lock
- That the `application_controller.rb` contains the following lines:

  ```ruby
  include SecureHeaders
  ensure_security_headers
  ```

If both of those conditions are met, then the Security Related Headers issue should not be reported.
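
The two conditions requested above, sketched as an added example that is not part of the original issue and is not dawnscanner's code. The helper names and the sample file contents are constructed, and the comment stripping is deliberately naive (it assumes no `#` inside string literals).

```ruby
# Added example; helper names are hypothetical, not dawnscanner's API.
# Sample file contents below are constructed for illustration.
SAMPLE_LOCK = <<LOCK
GEM
  remote: https://rubygems.org/
  specs:
    rack (1.6.4)
    secure_headers (1.4.0)

DEPENDENCIES
  secure_headers
LOCK

SAMPLE_CONTROLLER = <<RUBY
class ApplicationController < ActionController::Base
  include SecureHeaders
  ensure_security_headers
end
RUBY

# Condition 1: the gem is resolved in Gemfile.lock. Resolved gems appear in
# a "specs:" block, indented four spaces, as "name (version)".
def secure_headers_locked?(lockfile_text)
  in_specs = false
  lockfile_text.each_line do |line|
    if line =~ /\A\s+specs:\s*\z/
      in_specs = true
    elsif line =~ /\A\S/ # a new top-level section ends the specs block
      in_specs = false
    elsif in_specs && line =~ /\A {4}secure_headers \(/
      return true
    end
  end
  false
end

# Condition 2: both lines are present as live code, not commented out.
def controller_enables_secure_headers?(controller_source)
  code = controller_source.each_line.map { |l| l.sub(/#.*/, "").strip }
  code.any? { |l| l =~ /\Ainclude\s+(::)?SecureHeaders\z/ } &&
    code.any? { |l| l =~ /\Aensure_security_headers\b/ }
end

# The Security Related Headers finding is suppressed only when both hold.
def suppress_header_finding?(lockfile_text, controller_source)
  secure_headers_locked?(lockfile_text) &&
    controller_enables_secure_headers?(controller_source)
end
```

Requiring both conditions matters: a gem that is locked but never included in the controller sets no headers, so the finding should still be reported in that case.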