- Add SecurityHeaders middleware applied globally: HSTS, X-Content-Type-Options, X-Frame-Options, CSP, Referrer-Policy, and Permissions-Policy headers on every response.
- Add session regeneration (Regenerate method) after successful login to prevent session fixation attacks. Old session is destroyed and a new ID is issued.
- Add MaxBodySize middleware using http.MaxBytesReader to limit POST/PUT/PATCH request bodies to 1 MB on all form endpoints (/pages, /sources, /source/*).

Closes #34, closes #38, closes #39
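A sketch of the body-size limit described in the third item, added here as an illustration and not taken from this commit's code. The middleware signature, `formHandler`, `status` and `maxBody` are assumptions; only `http.MaxBytesReader`, the 1 MB limit and the POST/PUT/PATCH scope come from the commit message.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

const maxBody = 1 << 20 // 1 MB limit from the commit message
// MaxBodySize caps POST/PUT/PATCH bodies; other methods pass through.
func MaxBodySize(limit int64, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		switch r.Method {
		case http.MethodPost, http.MethodPut, http.MethodPatch:
			if r.ContentLength > limit { // declared size already too big
				http.Error(w, "body too large", http.StatusRequestEntityTooLarge)
				return
			}
			r.Body = http.MaxBytesReader(w, r.Body, limit) // enforced while reading
		}
		next.ServeHTTP(w, r)
	})
}

// formHandler is a hypothetical form endpoint: it maps *http.MaxBytesError to 413.
func formHandler(w http.ResponseWriter, r *http.Request) {
	body, err := io.ReadAll(r.Body)
	var tooBig *http.MaxBytesError
	if errors.As(err, &tooBig) {
		http.Error(w, "body too large", http.StatusRequestEntityTooLarge)
		return
	}
	fmt.Fprintf(w, "read %d bytes", len(body))
}

// status sends a constructed request of n body bytes; declared=false hides Content-Length.
func status(method string, n int, declared bool) int {
	req := httptest.NewRequest(method, "/pages", strings.NewReader(strings.Repeat("a", n)))
	if !declared {
		req.ContentLength = -1
	}
	rec := httptest.NewRecorder()
	MaxBodySize(maxBody, http.HandlerFunc(formHandler)).ServeHTTP(rec, req)
	return rec.Code
}

func main() { fmt.Println(status("POST", 512, true), status("POST", maxBody+1, false)) }
```

`http.MaxBytesReader` only fails once the handler reads past the limit, so a body sent without a Content-Length is rejected at read time, and the handler has to translate that error into a 413 itself.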