Merge pull request #263 from jurre/patch-1

Correct usage of content_security_policy_nonce in upgrade docs

Author: oreoshake

upgrading-to-3-0.md

@@ -8,7 +8,7 @@ Changes
 | Global configuration                                     | `SecureHeaders::Configuration.configure` block                                                                                                                                                  | `SecureHeaders::Configuration.default` block                                                                                                                                 |
 | All headers besides HPKP and CSP                         | Accept hashes as config values                                                                                                                                                                  | Must be strings (validated during configuration)                                                                                                                             |
 | CSP directive values                                     | Accepted space delimited strings OR arrays of strings                                                                                                                                           | Must be arrays of strings                                                                                                                                                    |
-| CSP Nonce values in views                                | `@content_security_policy_nonce`                                                                                                                                                                | `content_security_policy_script_nonce` or `content_security_policy_style_nonce`                                                                                              |
+| CSP Nonce values in views                                | `@content_security_policy_nonce`                                                                                                                                                                | `content_security_policy_nonce(:script)` or `content_security_policy_nonce(:style)`                                                                                              |
 | nonce is no longer a source expression                   | `config.csp = "'self' 'nonce'"`                                                                                                                                                                 | Remove `'nonce'` from source expression and use [nonce helpers](https://github.com/twitter/secureheaders#nonce).                                                             |
 | `self`/`none` source expressions                         | Could be `self` / `none` / `'self'` / `'none'`                                                                                                                                                  | Must be `'self'` or `'none'`                                                                                                                                                 |
 | `inline` / `eval` source expressions                     | Could be `inline`, `eval`, `'unsafe-inline'`, or `'unsafe-eval'`                                                                                                                                | Must be `'unsafe-eval'` or `'unsafe-inline'`                                                                                                                                 |