24 مستودعات
Applies security-focused headers to responses to protect users against common web vulnerabilities like cross-site scripting.
Distinguishing note: Focuses on HTTP response headers for security, distinct from general request filtering.
Explore 24 awesome GitHub repositories matching security & cryptography · Security Headers. Refine with filters or upvote what's useful.
Echo is a high-performance, lightweight web framework for Go designed for building scalable RESTful APIs and web services. It provides a centralized environment for mapping network requests to handler functions, utilizing a fast radix-tree routing engine to ensure efficient request dispatching. The framework is built around a modular, middleware-centric pipeline that allows developers to execute reusable logic for cross-cutting concerns like authentication, logging, and security across the entire application. What distinguishes Echo is its focus on developer productivity through structured da
Applies security-focused headers to responses to protect users against common web vulnerabilities like cross-site scripting.
nginxconfig.io is a web-based NGINX configuration generator designed to build and optimize server configuration files through a visual interface. It functions as a management tool to help avoid manual syntax errors when defining server blocks. The project provides specialized utilities for implementing Gzip and Brotli compression, configuring caching strategies, and managing the deployment and renewal of SSL certificates. It also includes a reverse proxy configurator for defining routing rules and backend application server mappings to distribute network traffic. Additional capabilities cove
Generates security-focused HTTP response headers to protect servers from common vulnerabilities.
This project is a request router and web framework for the Go programming language. It provides a toolkit for matching incoming HTTP network requests to specific handler functions by evaluating criteria such as URL paths, request methods, headers, and hostnames. The framework distinguishes itself through its flexible matching capabilities, which include support for regular expressions and dynamic variable extraction from URL segments. It allows developers to organize routes into logical hierarchies, share common path prefixes, and maintain a central registry of named routes to facilitate prog
Configures response headers automatically based on defined HTTP methods to simplify cross-origin requests.
This project is a modular, open-source customer relationship management platform built on the Laravel framework. It serves as a comprehensive business application framework designed for tracking sales pipelines, managing business entities, and automating marketing workflows. By providing a self-hosted solution, it enables organizations to maintain full control over their contact data, sales leads, and communication history. The platform distinguishes itself through a highly extensible architecture that allows developers to modify core behavior without altering the underlying source code. It u
Applies browser-side security policies via HTTP response headers to mitigate common web vulnerabilities.
This project is a styling library and framework designed for component-based architectures, enabling developers to define and manage visual styles directly within JavaScript or TypeScript. It functions as a styling engine that generates unique class names from style definitions, ensuring encapsulated, predictable, and maintainable visual presentation across applications. By integrating with component logic, it allows for the creation of reusable UI elements with styles defined through template literals or object syntax. The library distinguishes itself through a comprehensive suite of build-t
Ensures compliance with strict content security policies by applying security nonces to dynamically generated style elements.
WebFundamentals is a documentation build system and static site generator designed to automate the lifecycle of technical content. It provides a comprehensive web content pipeline that transforms markdown, HTML, and YAML source files into structured, navigable documentation sites. The project distinguishes itself through integrated support for multi-language content localization and automated build pipeline management. It handles complex site requirements by managing user language preferences, enforcing consistent code quality and style standards, and applying security-header middleware to re
Applies security headers to HTTP responses to prevent unauthorized framing and enhance site security.
This project is a comprehensive library of reusable configuration patterns for the Apache web server. It provides a collection of server-side directives designed to manage security, performance, and request routing through decentralized configuration files. The repository serves as a reference for implementing server-level settings without requiring global restarts. It includes specialized patterns for enforcing secure connections, managing cross-origin resource sharing, and protecting sensitive system files from public exposure. Users can leverage these snippets to implement clickjacking pro
Applies security-focused HTTP response headers to mitigate common web vulnerabilities.
Nitter is a privacy-focused, alternative web interface for viewing public social media content. It functions as a server-side proxy that fetches and renders external posts, allowing users to browse content without requiring a personal account or executing third-party tracking scripts. By stripping away user identifiers and tracking mechanisms, the application provides a lightweight, anonymous viewing experience. The project distinguishes itself through its emphasis on network-level privacy and self-sovereignty. It supports routing traffic through Tor and I2P networks to bypass censorship and
Applies strict security headers and content policies to incoming requests to protect users from tracking, cross-site scripting, and unauthorized resource access.
This project is a service mesh platform designed to manage, secure, and observe service-to-service communication within Kubernetes clusters. It functions as a control plane that orchestrates transparent sidecar proxies, which intercept and manage network traffic to provide reliable connectivity for microservices. By automating the injection of these proxies, the platform ensures that infrastructure-level policies are applied consistently across all workloads without requiring manual configuration changes. The platform distinguishes itself through its focus on zero-trust security and cross-clu
Prevents the exposure of confidential information during live traffic monitoring.
Helmet is an Express.js middleware library that sets a comprehensive collection of HTTP security headers to protect web applications from common vulnerabilities like cross-site scripting and clickjacking. At its core, it provides a configurable middleware system for injecting security headers into HTTP responses, with a primary focus on Content Security Policy configuration through custom directives and report-only testing modes. The library distinguishes itself through a flexible configuration surface that supports method chaining for composing multiple headers in a single expression, as wel
Protects Express web applications from common vulnerabilities by setting secure HTTP response headers.
BunkerWeb is a containerized suite of infrastructure tools that functions as a cloud-native web application firewall and Nginx reverse proxy. It provides a security layer for web applications, combining traffic routing with automated SSL certificate management and a web-based security dashboard for monitoring and configuration. The project distinguishes itself through its deep integration with container orchestrators, serving as a Kubernetes ingress controller that automates security settings and service discovery via container labels. It features a plugin-based extension model and a manageme
Injects security-focused HTTP response headers to harden browser-side security and implement CORS policies.
Connect is an HTTP middleware framework and routing library designed as a wrapper for the Node.js HTTP server. It serves as a middleware composition engine that allows for the creation of chains of request handlers to process HTTP traffic and manage application errors. The framework enables the orchestration of pluggable functions to execute security, logic, and routing rules in a specific sequence. It provides the ability to match incoming request URLs to specific logic handlers based on path prefixes. The system covers broader capabilities including centralized error handling to ensure con
Sets security-focused response headers to protect clients from common web vulnerabilities.
all-in-one is a containerized deployment system designed to install and manage a complete suite of productivity and collaboration services. It functions as a cloud suite deployer that orchestrates the installation of a self-hosted content platform, incorporating necessary dependencies via Docker or Kubernetes. The project distinguishes itself by providing a web-based dashboard for orchestrating, updating, and monitoring the lifecycle of service containers. It also serves as a local AI inference server, enabling the execution of generative text models, image diffusion, and speech processing on
Configures HTTP response headers to protect against MIME-sniffing, clickjacking, and other web vulnerabilities.
Gixy is a static configuration analyzer and security auditor for Nginx. It functions as an infrastructure-as-code security scanner and web server configuration linter designed to identify vulnerabilities and misconfigurations in server definitions before deployment. The tool focuses on detecting high-risk security flaws, including host header spoofing, server-side request forgery, and path traversal. It specifically audits Nginx configurations for risks such as HTTP splitting, multiline header issues, and unauthorized third-party access resulting from incorrect Referer or Origin header patter
Identifies instances where response headers are discarded due to inheritance rules in nested configuration blocks.
This project is a production-ready template for building RESTful APIs using Node.js and the Express web framework. It provides a pre-configured structure for backend services, integrating a MongoDB Mongoose ODM framework for data modeling and a token-based security system for managing user identity. The boilerplate distinguishes itself through automated API documentation generated via Swagger by parsing code comments. It implements a layered controller architecture and a middleware-based request pipeline to separate routing logic from business logic and security processing. The system covers
Configures HTTP response headers to protect the application from common web vulnerabilities and unauthorized access.
This project is a web framework performance benchmark suite and automated benchmarking orchestrator. It serves as a multi-language performance analysis tool designed to measure execution speed, throughput, and latency across various HTTP libraries and programming ecosystems. The system functions as an HTTP framework comparison tool that evaluates relative efficiency using consistent hardware and request patterns. It automates the build, deployment, and execution cycles necessary to collect stable performance data and compute metrics such as error rates and latency percentiles. The suite eval
Injects protective headers like Content-Security-Policy and X-Frame-Options to mitigate common vulnerabilities.
CodeIgniter is a PHP web framework built on the Model-View-Controller pattern, designed for building full-stack web applications. It provides a lightweight toolkit with minimal configuration, organizing application logic into controllers, models, and views for clean separation of concerns. The framework includes a fluent query builder for constructing SQL statements programmatically, PSR-4 autoloading with namespace mapping, and a service-based dependency injection container for managing shared class instances. The framework distinguishes itself through its comprehensive set of built-in tools
CodeIgniter attaches HTTP response headers that help protect against common web vulnerabilities.
django-cors-headers هو أداة تطبيق Django لإدارة مشاركة الموارد عبر المنشأ (CORS). يضيف رؤوس HTTP إلى الاستجابات حتى تتمكن متصفحات الويب من السماح بالطلبات عبر المنشأ من نطاقات خارجية محددة. يوفر المشروع أدوات لتحديد النطاقات الخارجية وطرق HTTP والرؤوس المسموح لها بالوصول إلى واجهة برمجة التطبيقات. يدعم تقييد الأصول المسموح بها من خلال القوائم الثابتة والتعبيرات النمطية، ويمكّن نقل ملفات تعريف الارتباط وبيانات اعتماد المصادقة للتعامل مع جلسات العمل عبر المواقع. تشمل القدرات الإضافية التحكم في الوصول إلى واجهة برمجة التطبيقات لتقييد المشاركة عبر المنشأ بأنماط URL محددة وإدارة رؤوس التحقق المسبق للشبكة الخاصة للسماح بالاتصال بين عناوين IP العامة وخوادم الشبكة الخاصة.
Provides settings to define which non-standard response headers are accessible to client-side applications.
Oak هو إطار عمل برمجيات وسيطة (middleware) لـ HTTP وخادم ويب مصمم للعمل عبر Deno وNode.js وBun وCloudflare Workers. يوفر نظاماً موحداً لبناء واجهات برمجة التطبيقات وخوادم الويب باستخدام سلسلة متسلسلة من وظائف البرمجيات الوسيطة ومحرك توجيه هرمي يربط مسارات URL بالمعالجات عبر هيكل شجرة متداخل. يتضمن إطار العمل محولاً لا يعتمد على بيئة التشغيل (runtime-agnostic) يترجم أحداث مزودي السحابة المتنوعة إلى واجهة طلب واستجابة قياسية. كما يتميز بتنفيذ خادم WebSocket مخصص للتواصل ثنائي الاتجاه في الوقت الفعلي ومدير جلسات ويب يستخدم توقيع ملفات تعريف الارتباط غير المتزامن والتخزين الدائم. يغطي المشروع نطاقاً واسعاً من قدرات الخادم، بما في ذلك تقديم الملفات الثابتة، وتفاوض المحتوى، وتحليل البيانات متعددة الأجزاء. يتضمن سطحه الأمني والمراقبي أدوات للتحقق من رموز JSON Web Tokens، وتكوين رؤوس الأمان، وتسجيل حركة مرور HTTP، ومحاكاة طلبات التطبيق لأغراض الاختبار.
Configures security-related HTTP response headers to protect applications from common web vulnerabilities.
LoopBack Next هو إطار عمل API لـ Node.js يستخدم لبناء واجهات برمجة تطبيقات REST ومتعددة البروتوكولات. يعمل كتنفيذ لخادم OpenAPI يمكنه إما إنشاء مواصفات قابلة للقراءة آلياً من الكود أو إنتاج وحدات تحكم ونماذج تنفيذ من مواصفات موجودة. يتميز إطار العمل بحاوية حقن تبعية مركزية وطبقة وصول للبيانات تعتمد على نمط المستودع (repository pattern). تفصل هذه البنية منطق التطبيق عن بناء المكونات والتخزين الدائم، مما يسمح بنظام قابل للتوصيل حيث يتم عزل مصادر البيانات ومنطق الأعمال من خلال نظام موصل موحد. يغطي المشروع مجموعة واسعة من الإمكانات بما في ذلك التحكم في الوصول القائم على الأدوار مع استراتيجيات مصادقة قابلة للتوصيل وتنسيق خدمات REST و SOAP الخارجية. كما يوفر أدوات للاتصال في الوقت الفعلي عبر نقاط نهاية WebSocket، والتحقق من صحة مخطط JSON، وسقالات المشروع الآلية من خلال واجهة سطر أوامر. يتم دعم التطوير من خلال مجموعة من أدوات CLI لبدء التطبيقات، وإنشاء مكونات API، وإدارة تبعيات المشروع.
Implements security-focused HTTP response headers to protect the application from common web vulnerabilities.