issues
search
krakenjs
/
lusca
Application security for express apps.
Other
1.79k
stars
139
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
CSRF token is mismatch even in correct things.
#154
Fyphen1223
closed
8 months ago
1
Fix typo in Readme
#153
plegner
opened
1 year ago
0
Bump minimatch, grunt and grunt-mocha-test
#152
dependabot[bot]
opened
1 year ago
0
Fixed broken OWASP links
#151
ohpyupi
opened
2 years ago
1
set csrf token on response for bypassed POST urls
#150
aravindsrivats
opened
2 years ago
0
fix :bug: allowlist.type exact
#149
chernjie
closed
2 years ago
0
Bump path-parse from 1.0.6 to 1.0.7
#148
dependabot[bot]
opened
2 years ago
0
Disable x-xss-protection by default
#147
jiheon-dev
opened
2 years ago
0
Bump cli from 0.4.5 to 1.0.1
#146
dependabot[bot]
opened
3 years ago
0
Updating csrf config to allow passing type of match
#145
maxmil7
closed
3 years ago
1
Extra value types for xframe
#144
linkRace
closed
3 years ago
3
Rename csrf blacklist/whitelist configs
#143
JevinAnderson
closed
3 years ago
1
Setting CSRF token on the blacklisted routes.
#142
ohpyupi
opened
3 years ago
0
lusca.xframe value - "ALLOW-FROM uri" is obselete
#141
kruthivijay31
opened
3 years ago
0
Change whitelist/blacklist to allowlist/blocklist
#140
linkRace
closed
3 years ago
4
Cookie “XSRF-TOKEN” will be soon rejected
#139
miclill
opened
4 years ago
1
Change CSRF-Token name
#138
molerat619
opened
4 years ago
0
CSP policy is wrong when whitespace is missing before 'self'
#137
danielcl
opened
4 years ago
0
Nonce is not being generated
#136
danielcl
opened
4 years ago
2
CSRF token missing at app.use(lusca.csrf())
#135
darklight147
closed
3 years ago
0
How skip api css js avoid redundant?
#134
lichspace
opened
4 years ago
0
lusca requires req.session
#133
matharuajay
opened
4 years ago
0
Fix #128: CSRF whitelist or blacklist multiple endpoints.
#132
gladchinda
closed
4 years ago
0
DNS Rebinding protection
#131
brannondorsey
opened
5 years ago
0
refactor csrf blacklist/whitelist code
#130
polunzh
closed
5 years ago
0
Fix #128: CSRF whitelist or blacklist multiple endpoints.
#129
gladchinda
closed
5 years ago
4
CSRF blacklist and whitelist not working as expected for multiple endpoints.
#128
gladchinda
closed
5 years ago
1
Is helmet needed with lusca?
#127
khaledosman
closed
5 years ago
2
How to send post with CSRF token without manually adding a form or whitelisting/blacklisting
#126
djaffer
closed
5 years ago
2
req.locals.nonce -> res.locals.nonce
#125
theel0ja
closed
5 years ago
1
X-XSS-Protection report uri
#124
theel0ja
opened
6 years ago
1
Support CSRF black/white listing on URL params
#123
mjy78
opened
6 years ago
2
fix blacklist or whitelist judge error
#122
Priccc
closed
5 years ago
1
fix csrf balcklist/whitelist shouldBypass check
#121
relifeted
closed
5 years ago
2
fix csrf balcklist/whitelist shouldBypass check
#120
relifeted
closed
6 years ago
1
Exempting XSRF-TOKEN for some requests
#119
beshad
closed
6 years ago
2
Allows CSRF whitelist and blacklist
#118
linkRace
closed
6 years ago
1
csrf http2 token validation fails while http1 passes
#117
avoidwork
closed
6 years ago
2
CSRF error status code
#116
zisiszikos
opened
6 years ago
3
DDOS - does lusca contains protection from ddos attacks
#115
maxprog
opened
6 years ago
2
Add style/script directive if nonce is true
#114
kumarrishav
closed
6 years ago
3
Update README.md to replace a P3P 404 link
#113
m0uneer
closed
6 years ago
1
Nonce typo and match store
#112
linkRace
closed
6 years ago
1
Updates so style-src is replaced properly on subsequent calls
#111
danbehar
closed
6 years ago
1
Add support for CSP nonces
#110
linkRace
closed
6 years ago
0
CSRF: Move from 10 Bytes to 9 or 12.
#109
jagracey
opened
6 years ago
0
updates supported node versions, updates license, removes maintainer
#108
gabrielcsapo
closed
6 years ago
0
update tests and dependencies
#107
gabrielcsapo
closed
5 years ago
0
Are resave and saveUninitialized options for sessions required?
#106
sbking
opened
7 years ago
0
CSRF:how to provide a specific list of urls for check-CSRF to ignore
#105
finmily
closed
7 years ago
1
Next