awesome-repositories.com
Blog
awesome-repositories.com

Découvrez les meilleurs dépôts open-source grâce à notre recherche par IA.

ExplorerRecherches sélectionnéesAlternatives open sourceLogiciels auto-hébergésBlogPlan du site
ProjetÀ proposNotre méthodologiePresseServeur MCP
Mentions légalesConfidentialitéConditions d'utilisation
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

24 dépôts

Awesome GitHub RepositoriesSecurity Headers

Applies security-focused headers to responses to protect users against common web vulnerabilities like cross-site scripting.

Distinguishing note: Focuses on HTTP response headers for security, distinct from general request filtering.

Explore 24 awesome GitHub repositories matching security & cryptography · Security Headers. Refine with filters or upvote what's useful.

Awesome Security Headers GitHub Repositories

Trouvez les meilleurs dépôts grâce à l'IA.Nous recherchons les dépôts les plus pertinents grâce à l'IA.
  • labstack/echoAvatar de labstack

    labstack/echo

    32,451Voir sur GitHub↗

    Echo is a high-performance, lightweight web framework for Go designed for building scalable RESTful APIs and web services. It provides a centralized environment for mapping network requests to handler functions, utilizing a fast radix-tree routing engine to ensure efficient request dispatching. The framework is built around a modular, middleware-centric pipeline that allows developers to execute reusable logic for cross-cutting concerns like authentication, logging, and security across the entire application. What distinguishes Echo is its focus on developer productivity through structured da

    Applies security-focused headers to responses to protect users against common web vulnerabilities like cross-site scripting.

    Goechogohttp2
    Voir sur GitHub↗32,451
  • digitalocean/nginxconfig.ioAvatar de digitalocean

    digitalocean/nginxconfig.io

    28,294Voir sur GitHub↗

    nginxconfig.io is a web-based NGINX configuration generator designed to build and optimize server configuration files through a visual interface. It functions as a management tool to help avoid manual syntax errors when defining server blocks. The project provides specialized utilities for implementing Gzip and Brotli compression, configuring caching strategies, and managing the deployment and renewal of SSL certificates. It also includes a reverse proxy configurator for defining routing rules and backend application server mappings to distribute network traffic. Additional capabilities cove

    Generates security-focused HTTP response headers to protect servers from common vulnerabilities.

    JavaScript
    Voir sur GitHub↗28,294
  • gorilla/muxAvatar de gorilla

    gorilla/mux

    21,832Voir sur GitHub↗

    This project is a request router and web framework for the Go programming language. It provides a toolkit for matching incoming HTTP network requests to specific handler functions by evaluating criteria such as URL paths, request methods, headers, and hostnames. The framework distinguishes itself through its flexible matching capabilities, which include support for regular expressions and dynamic variable extraction from URL segments. It allows developers to organize routes into logical hierarchies, share common path prefixes, and maintain a central registry of named routes to facilitate prog

    Configures response headers automatically based on defined HTTP methods to simplify cross-origin requests.

    Gogogolanggorilla
    Voir sur GitHub↗21,832
  • krayin/laravel-crmAvatar de krayin

    krayin/laravel-crm

    21,404Voir sur GitHub↗

    This project is a modular, open-source customer relationship management platform built on the Laravel framework. It serves as a comprehensive business application framework designed for tracking sales pipelines, managing business entities, and automating marketing workflows. By providing a self-hosted solution, it enables organizations to maintain full control over their contact data, sales leads, and communication history. The platform distinguishes itself through a highly extensible architecture that allows developers to modify core behavior without altering the underlying source code. It u

    Applies browser-side security policies via HTTP response headers to mitigate common web vulnerabilities.

    PHPcrmcrm-multi-tenant-saascrm-platform
    Voir sur GitHub↗21,404
  • emotion-js/emotionAvatar de emotion-js

    emotion-js/emotion

    18,017Voir sur GitHub↗

    This project is a styling library and framework designed for component-based architectures, enabling developers to define and manage visual styles directly within JavaScript or TypeScript. It functions as a styling engine that generates unique class names from style definitions, ensuring encapsulated, predictable, and maintainable visual presentation across applications. By integrating with component logic, it allows for the creation of reusable UI elements with styles defined through template literals or object syntax. The library distinguishes itself through a comprehensive suite of build-t

    Ensures compliance with strict content security policies by applying security nonces to dynamically generated style elements.

    JavaScriptbabel-plugincsscss-in-js
    Voir sur GitHub↗18,017
  • google/webfundamentalsAvatar de google

    google/WebFundamentals

    13,881Voir sur GitHub↗

    WebFundamentals is a documentation build system and static site generator designed to automate the lifecycle of technical content. It provides a comprehensive web content pipeline that transforms markdown, HTML, and YAML source files into structured, navigable documentation sites. The project distinguishes itself through integrated support for multi-language content localization and automated build pipeline management. It handles complex site requirements by managing user language preferences, enforcing consistent code quality and style standards, and applying security-header middleware to re

    Applies security headers to HTTP responses to prevent unauthorized framing and enhance site security.

    JavaScriptbest-practiceschromechrome-browser
    Voir sur GitHub↗13,881
  • phanan/htaccessAvatar de phanan

    phanan/htaccess

    13,165Voir sur GitHub↗

    This project is a comprehensive library of reusable configuration patterns for the Apache web server. It provides a collection of server-side directives designed to manage security, performance, and request routing through decentralized configuration files. The repository serves as a reference for implementing server-level settings without requiring global restarts. It includes specialized patterns for enforcing secure connections, managing cross-origin resource sharing, and protecting sensitive system files from public exposure. Users can leverage these snippets to implement clickjacking pro

    Applies security-focused HTTP response headers to mitigate common web vulnerabilities.

    apacheawesomeawesome-list
    Voir sur GitHub↗13,165
  • zedeus/nitterAvatar de zedeus

    zedeus/nitter

    13,123Voir sur GitHub↗

    Nitter is a privacy-focused, alternative web interface for viewing public social media content. It functions as a server-side proxy that fetches and renders external posts, allowing users to browse content without requiring a personal account or executing third-party tracking scripts. By stripping away user identifiers and tracking mechanisms, the application provides a lightweight, anonymous viewing experience. The project distinguishes itself through its emphasis on network-level privacy and self-sovereignty. It supports routing traffic through Tor and I2P networks to bypass censorship and

    Applies strict security headers and content policies to incoming requests to protect users from tracking, cross-site scripting, and unauthorized resource access.

    Nimnimprivacyself-hosted
    Voir sur GitHub↗13,123
  • linkerd/linkerd2Avatar de linkerd

    linkerd/linkerd2

    11,424Voir sur GitHub↗

    This project is a service mesh platform designed to manage, secure, and observe service-to-service communication within Kubernetes clusters. It functions as a control plane that orchestrates transparent sidecar proxies, which intercept and manage network traffic to provide reliable connectivity for microservices. By automating the injection of these proxies, the platform ensures that infrastructure-level policies are applied consistently across all workloads without requiring manual configuration changes. The platform distinguishes itself through its focus on zero-trust security and cross-clu

    Prevents the exposure of confidential information during live traffic monitoring.

    Gocloud-nativegolangkubernetes
    Voir sur GitHub↗11,424
  • helmetjs/helmetAvatar de helmetjs

    helmetjs/helmet

    10,692Voir sur GitHub↗

    Helmet is an Express.js middleware library that sets a comprehensive collection of HTTP security headers to protect web applications from common vulnerabilities like cross-site scripting and clickjacking. At its core, it provides a configurable middleware system for injecting security headers into HTTP responses, with a primary focus on Content Security Policy configuration through custom directives and report-only testing modes. The library distinguishes itself through a flexible configuration surface that supports method chaining for composing multiple headers in a single expression, as wel

    Protects Express web applications from common vulnerabilities by setting secure HTTP response headers.

    TypeScripthelmethttp-headersjavascript
    Voir sur GitHub↗10,692
  • bunkerity/bunkerwebAvatar de bunkerity

    bunkerity/bunkerweb

    10,629Voir sur GitHub↗

    BunkerWeb is a containerized suite of infrastructure tools that functions as a cloud-native web application firewall and Nginx reverse proxy. It provides a security layer for web applications, combining traffic routing with automated SSL certificate management and a web-based security dashboard for monitoring and configuration. The project distinguishes itself through its deep integration with container orchestrators, serving as a Kubernetes ingress controller that automates security settings and service discovery via container labels. It features a plugin-based extension model and a manageme

    Injects security-focused HTTP response headers to harden browser-side security and implement CORS policies.

    Python
    Voir sur GitHub↗10,629
  • senchalabs/connectAvatar de senchalabs

    senchalabs/connect

    9,888Voir sur GitHub↗

    Connect is an HTTP middleware framework and routing library designed as a wrapper for the Node.js HTTP server. It serves as a middleware composition engine that allows for the creation of chains of request handlers to process HTTP traffic and manage application errors. The framework enables the orchestration of pluggable functions to execute security, logic, and routing rules in a specific sequence. It provides the ability to match incoming request URLs to specific logic handlers based on path prefixes. The system covers broader capabilities including centralized error handling to ensure con

    Sets security-focused response headers to protect clients from common web vulnerabilities.

    JavaScriptjavascriptnodejs
    Voir sur GitHub↗9,888
  • nextcloud/all-in-oneAvatar de nextcloud

    nextcloud/all-in-one

    9,082Voir sur GitHub↗

    all-in-one is a containerized deployment system designed to install and manage a complete suite of productivity and collaboration services. It functions as a cloud suite deployer that orchestrates the installation of a self-hosted content platform, incorporating necessary dependencies via Docker or Kubernetes. The project distinguishes itself by providing a web-based dashboard for orchestrating, updating, and monitoring the lifecycle of service containers. It also serves as a local AI inference server, enabling the execution of generative text models, image diffusion, and speech processing on

    Configures HTTP response headers to protect against MIME-sniffing, clickjacking, and other web vulnerabilities.

    PHPbackupdockernextcloud
    Voir sur GitHub↗9,082
  • yandex/gixyAvatar de yandex

    yandex/gixy

    8,570Voir sur GitHub↗

    Gixy is a static configuration analyzer and security auditor for Nginx. It functions as an infrastructure-as-code security scanner and web server configuration linter designed to identify vulnerabilities and misconfigurations in server definitions before deployment. The tool focuses on detecting high-risk security flaws, including host header spoofing, server-side request forgery, and path traversal. It specifically audits Nginx configurations for risks such as HTTP splitting, multiline header issues, and unauthorized third-party access resulting from incorrect Referer or Origin header patter

    Identifies instances where response headers are discarded due to inheritance rules in nested configuration blocks.

    Python
    Voir sur GitHub↗8,570
  • hagopj13/node-express-boilerplateAvatar de hagopj13

    hagopj13/node-express-boilerplate

    7,645Voir sur GitHub↗

    This project is a production-ready template for building RESTful APIs using Node.js and the Express web framework. It provides a pre-configured structure for backend services, integrating a MongoDB Mongoose ODM framework for data modeling and a token-based security system for managing user identity. The boilerplate distinguishes itself through automated API documentation generated via Swagger by parsing code comments. It implements a layered controller architecture and a middleware-based request pipeline to separate routing logic from business logic and security processing. The system covers

    Configures HTTP response headers to protect the application from common web vulnerabilities and unauthorized access.

    JavaScriptboilerplatees2018es6
    Voir sur GitHub↗7,645
  • the-benchmarker/web-frameworksAvatar de the-benchmarker

    the-benchmarker/web-frameworks

    7,087Voir sur GitHub↗

    This project is a web framework performance benchmark suite and automated benchmarking orchestrator. It serves as a multi-language performance analysis tool designed to measure execution speed, throughput, and latency across various HTTP libraries and programming ecosystems. The system functions as an HTTP framework comparison tool that evaluates relative efficiency using consistent hardware and request patterns. It automates the build, deployment, and execution cycles necessary to collect stable performance data and compute metrics such as error rates and latency percentiles. The suite eval

    Injects protective headers like Content-Security-Policy and X-Frame-Options to mitigate common vulnerabilities.

    PHPbenchmarkframeworkhttp
    Voir sur GitHub↗7,087
  • codeigniter4/codeigniter4Avatar de codeigniter4

    codeigniter4/CodeIgniter4

    5,924Voir sur GitHub↗

    CodeIgniter is a PHP web framework built on the Model-View-Controller pattern, designed for building full-stack web applications. It provides a lightweight toolkit with minimal configuration, organizing application logic into controllers, models, and views for clean separation of concerns. The framework includes a fluent query builder for constructing SQL statements programmatically, PSR-4 autoloading with namespace mapping, and a service-based dependency injection container for managing shared class instances. The framework distinguishes itself through its comprehensive set of built-in tools

    CodeIgniter attaches HTTP response headers that help protect against common web vulnerabilities.

    PHPcodeignitercodeigniter4framework-php
    Voir sur GitHub↗5,924
  • ottoyiu/django-cors-headersAvatar de ottoyiu

    ottoyiu/django-cors-headers

    5,587Voir sur GitHub↗

    django-cors-headers est un utilitaire d'application Django pour gérer le partage de ressources entre origines (CORS). Il ajoute des en-têtes HTTP aux réponses afin que les navigateurs web puissent autoriser les requêtes inter-origines provenant de domaines externes spécifiés. Le projet fournit des outils pour définir quels domaines externes, méthodes HTTP et en-têtes sont autorisés à accéder à une API. Il prend en charge la restriction des origines autorisées via des listes statiques et des expressions régulières, et permet la transmission de cookies et d'identifiants d'authentification pour la gestion de session inter-sites. Les capacités supplémentaires incluent le contrôle d'accès aux API pour limiter le partage inter-origines à des modèles d'URL spécifiques et la gestion des en-têtes de pré-vérification (preflight) de réseau privé pour permettre la communication entre des adresses IP publiques et des serveurs de réseau privé.

    Provides settings to define which non-standard response headers are accessible to client-side applications.

    Python
    Voir sur GitHub↗5,587
  • oakserver/oakAvatar de oakserver

    oakserver/oak

    5,408Voir sur GitHub↗

    Oak est un framework de middleware HTTP multi-runtime et un serveur web conçu pour fonctionner sur Deno, Node.js, Bun et Cloudflare Workers. Il fournit un système unifié pour construire des API et des serveurs web en utilisant une chaîne séquentielle de fonctions middleware et un moteur de routage hiérarchique qui mappe les chemins d'URL aux gestionnaires via une structure d'arbre imbriquée. Le framework inclut un adaptateur serverless agnostique au runtime qui traduit divers événements de fournisseurs cloud en une interface standard de requête et de réponse. Il dispose également d'une implémentation dédiée de serveur WebSocket pour une communication bidirectionnelle en temps réel et un gestionnaire de session web qui utilise la signature de cookies asynchrone et le stockage persistant. Le projet couvre un large éventail de capacités serveur, incluant le service de fichiers statiques, la négociation de contenu et l'analyse de données multipart. Sa surface de sécurité et d'observabilité inclut des outils pour valider les JSON Web Tokens, configurer les en-têtes de sécurité, journaliser le trafic HTTP et simuler des requêtes d'application à des fins de test.

    Configures security-related HTTP response headers to protect applications from common web vulnerabilities.

    TypeScript
    Voir sur GitHub↗5,408
  • loopbackio/loopback-nextAvatar de loopbackio

    loopbackio/loopback-next

    5,095Voir sur GitHub↗

    LoopBack Next est un framework d'API Node.js utilisé pour construire des API REST et multi-protocoles. Il fonctionne comme une implémentation de serveur OpenAPI capable soit de générer des spécifications lisibles par machine à partir du code, soit de produire des contrôleurs et des modèles d'implémentation à partir de spécifications existantes. Le framework se distingue par un conteneur d'injection de dépendances central et une couche d'accès aux données basée sur le pattern repository. Cette architecture découple la logique applicative de la construction des composants et du stockage persistant, permettant un système enfichable où les sources de données et la logique métier sont isolées via un système de connecteurs standardisé. Le projet couvre un large éventail de capacités, incluant le contrôle d'accès basé sur les rôles avec des stratégies d'authentification enfichables et l'orchestration de services REST et SOAP externes. Il fournit également des outils pour la communication en temps réel via des endpoints WebSocket, la validation de schémas JSON, et l'échafaudage automatique de projets via une interface en ligne de commande. Le développement est soutenu par un ensemble d'outils CLI pour amorcer les applications, générer des composants d'API et gérer les dépendances du projet.

    Implements security-focused HTTP response headers to protect the application from common web vulnerabilities.

    TypeScript
    Voir sur GitHub↗5,095
Préc.12Suivant
  1. Home
  2. Security & Cryptography
  3. Security Headers

Explorer les sous-tags

  • Exposed Header ConfigurationsSettings that define which non-standard response headers are accessible to client-side applications. **Distinct from Security Headers:** Distinct from Security Headers: focuses on CORS-related header exposure rather than security policy enforcement.
  • Header Capture RestrictionsExcludes sensitive request and response headers from traffic introspection. **Distinct from Security Headers:** Focuses on privacy-preserving header filtering, distinct from general security headers.
  • Header Inheritance AnalysisDetection of configuration errors where headers are unintentionally discarded due to block inheritance. **Distinct from Security Headers:** Analyzes the impact of inheritance on header persistence, rather than just applying security headers.
  • Secure Style InjectionsMechanisms for applying security nonces to dynamically generated style elements. **Distinct from Security Headers:** Distinct from Security Headers: focuses on DOM-level style injection security rather than HTTP response headers.
  • Selective Header DisablementAllows selective disabling of individual security headers by name for granular control over which headers are applied. **Distinct from Security Headers:** Distinct from Security Headers: focuses on the ability to disable specific headers, not just applying a fixed set of security headers.