Security: Harden Papiea against various web vulnerabilities #688

Open
joshua-berry-ntnx opened this issue Apr 29, 2021 · 0 comments
@joshua-berry-ntnx
Contributor

We should make sure we are following the best practices defined by Express for deploying secure web services:

https://expressjs.com/en/advanced/best-practice-security.html

In particular, we should probably look at using the Helmet middleware to set appropriate headers to prevent CSRF and similar things—not that we are likely to be vulnerable to many of them in our specific situation, but it takes very little time and might save a big headache later.

@joshua-berry-ntnx joshua-berry-ntnx added this to the Customer-1 M2 milestone Apr 29, 2021
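
A way to check the outcome of this hardening, as an added example that is not part of the original issue or Papiea's code: a dependency-free audit of a response's headers against the kind of header set Helmet-style middleware applies. The rule list, the 180-day HSTS threshold, the function names and both sample responses are assumptions constructed for illustration.

```javascript
// Added example: audit response headers for the hardening Helmet-style middleware applies.
// Rule set and thresholds are assumptions for illustration, not Papiea's policy.
function hstsMaxAge(value) {
  const m = /(?:^|;)\s*max-age\s*=\s*"?(\d+)"?/i.exec(value);
  return m ? Number(m[1]) : -1;
}

const MIN_HSTS_SECONDS = 15552000; // 180 days, assumed threshold

const RULES = [
  { header: "x-powered-by", advice: "remove it to reduce fingerprinting",
    ok: (v) => v === undefined },
  { header: "x-content-type-options", advice: "set to nosniff",
    ok: (v) => v !== undefined && v.trim().toLowerCase() === "nosniff" },
  { header: "strict-transport-security", advice: "set max-age >= 180 days",
    ok: (v) => v !== undefined && hstsMaxAge(v) >= MIN_HSTS_SECONDS },
  { header: "x-frame-options", advice: "set DENY/SAMEORIGIN or CSP frame-ancestors",
    ok: (v, all) => (v !== undefined && /^(deny|sameorigin)$/i.test(v.trim())) ||
      /(?:^|;)\s*frame-ancestors\s/i.test(all["content-security-policy"] || "") },
  { header: "content-security-policy", advice: "define a policy",
    ok: (v) => v !== undefined && v.trim() !== "" },
];

// Header names are case-insensitive; repeated headers may arrive as arrays.
function normalize(headers) {
  const out = {};
  for (const [name, value] of Object.entries(headers)) {
    out[name.toLowerCase()] = Array.isArray(value) ? value.join(", ") : String(value);
  }
  return out;
}

// Returns one finding per rule the response fails; an empty array means all rules passed.
function auditHeaders(headers) {
  const all = normalize(headers);
  return RULES.filter((r) => !r.ok(all[r.header], all))
    .map((r) => ({ header: r.header, advice: r.advice }));
}

// Constructed sample responses (not captured from Papiea).
const BARE = { "X-Powered-By": "Express", "Content-Type": "application/json; charset=utf-8" };
const HARDENED = {
  "Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'",
  "Strict-Transport-Security": "max-age=15552000; includeSubDomains",
  "X-Content-Type-Options": "nosniff",
  "X-Frame-Options": "SAMEORIGIN",
};

console.log(auditHeaders(BARE).map((f) => f.header));
console.log(auditHeaders(HARDENED));
```

Run against headers collected from a deployed endpoint, the same function can serve as a regression check that the middleware stays enabled.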