-
Notifications
You must be signed in to change notification settings - Fork 40
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Pen Test Security fixes #973
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Generated by E2E-Test |
laurenzhonauer
changed the title
mail: install node modules & create types file
Pen Test Security fixes
Sep 9, 2021
laurenzhonauer
force-pushed
the
967-security-improvements
branch
10 times, most recently
from
September 15, 2021 07:57
6abad19
to
425ba23
Compare
laurenzhonauer
force-pushed
the
967-security-improvements
branch
8 times, most recently
from
September 21, 2021 15:37
34ad4b6
to
6ae7c73
Compare
georgimld
previously requested changes
Sep 22, 2021
laurenzhonauer
force-pushed
the
967-security-improvements
branch
3 times, most recently
from
September 22, 2021 13:32
0a97cee
to
cdcab5b
Compare
laurenzhonauer
force-pushed
the
967-security-improvements
branch
2 times, most recently
from
September 23, 2021 09:06
132358c
to
4034236
Compare
- enforce stricter validation on inputs - send content policy security header - send access-controll header - use NODE_ENV var to control check on passwords
- add NODE_ENV to api - add INLINE_RUNTIME_CHUNG to frontend
- sanitize input strings
- use express to serve api - refactor readiness endpoint - add security headers - add postman exports
- set INLINE_RUNTIME_CHUNK to enable CSP
- NODE_ENV for prod vs dev - ACCESS_CONTROL_ALLOW_ORIGIN for cors headers
georgimld
force-pushed
the
967-security-improvements
branch
from
September 23, 2021 13:23
67b2b43
to
f53981b
Compare
Stezido
approved these changes
Sep 23, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Checklist
Description
Closes #967