-
As @craSH points out, "I checked the current one and it doesn't appear to have explicit Clickjacking prevention via X-Frame-Options headers (or any of the security headers, whoops)"
We should set appro…
-
Hello 👋🏻
### Nomad version
```
Nomad v1.6.3
BuildDate 2023-10-30T12:58:10Z
Revision e0497bff14378d68cad76a801cc0eba93ce05039
```
### Operating system and Environment details
```
Distribu…
-
#### What would you like to be added:
Implement all the domain hardening and security headers for web apps.
E.g. https://github.com/DeFiCh/scan/blob/62661206c50e7ea2e4786bf0f1e3fa5392484ac3/…
-
### Steps To Reproduce
Open a vault.bitwarden.com website and look through the Developer console in any browser
### Expected Result
**1.** All the cookies have attributes:
`HttpOnly: True` `…
-
If I were you, I'd add `rel="noopener noreferrer"` to links to external URLs so people can't exploit `window.opener`. Not very serious, but worth doing. [Read more](https://github.com/waltertamboer/wi…
-
Hello again, do you have an example of how to use Lucia with effect-http? I want to set the values Lucia returns from the createCookie method, which has a name, value and attributes. Http platform has …
-
### Current Behavior
I am using the latest version of node-red. While going through the developer mode the access token is showing in the local storage.
![image](https://github.com/user-attachment…
-
For example, https://frame.work/blog/linux-on-the-framework-laptop won't work with Columnate because of scripting limitations imposed by the Content Security Policy headers. https://developers.google.…