PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-06-25 16:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
d9e4541749161d32038e27167be8eb280c8439e1
xamxam/nginx/xamxam.conf.reference
Pontoporeia 04094d802d fix: harden security based on pentest scan findings 
- Add Content-Security-Policy to main nginx server block (was only on /admin/)
- Add Cross-Origin-Opener-Policy and Cross-Origin-Resource-Policy headers
- Add includeSubDomains to HSTS header
- Set HttpOnly, Secure, SameSite=Lax session cookie params on public pages
  (AdminAuth already hardens the /admin session with SameSite=Strict)
- Update xamxam.conf.reference and SECURITY_HEADERS.md to match
2026-05-19 00:08:06 +02:00

6.0 KiB
Raw Blame History

View Raw
Reference in New Issue View Git Blame Copy Permalink