Andrey Belenko
Andrey Belenko
`SecureHeaders` excessively deduplicates sources without taking schemes into account leading to removal of sources that shouldn't be removed. I think the problem is with [`dedup_source_list()`](https://github.com/twitter/secureheaders/blob/master/lib/secure_headers/headers/content_security_policy.rb#L151) which relies on filesystem-like matching....