Need to add security headers and CORS policies

lukaslondono77 / devops-capstone-project

devops-capstone-project

Apache License 2.0

0 stars 0 forks source link

Need to add security headers and CORS policies #10

Open lukaslondono77 opened 3 days ago

lukaslondono77 commented 3 days ago

As a service provider I need my service to use security headers and CORS policies So that my web site is not vulnerable to CORS attacks

Assumptions

Flask-Talisman will be used for security headers

Flask-Cors will be used to establish cross-origin resource sharing (CORS) policies

Acceptance Criteria


Given the site is secured
When a REST API request is made
Then secure headers and a CORS policy should be returned

lukaslondono77 commented 3 days ago

As a service provider I need my service to use security headers and CORS policies So that my web site is not vulnerable to CORS attacks

Assumptions

* Flask-Talisman will be used for security headers
* Flask-Cors will be used to establish cross-origin resource sharing (CORS) policies
#### Acceptance Criteria
```gherkin
Given the site is secured
When a REST API request is made
Then secure headers and a CORS policy should be returned