24 repositories
Applies security-focused headers to responses to protect users against common web vulnerabilities like cross-site scripting.
Distinguishing note: Focuses on HTTP response headers for security, distinct from general request filtering.
Explore 24 awesome GitHub repositories matching security & cryptography · Security Headers.
Echo is a high-performance, lightweight web framework for Go designed for building scalable RESTful APIs and web services. It provides a centralized environment for mapping network requests to handler functions, utilizing a fast radix-tree routing engine to ensure efficient request dispatching. The framework is built around a modular, middleware-centric pipeline that allows developers to execute reusable logic for cross-cutting concerns like authentication, logging, and security across the entire application. What distinguishes Echo is its focus on developer productivity through structured da
Applies security-focused headers to responses to protect users against common web vulnerabilities like cross-site scripting.
nginxconfig.io is a web-based NGINX configuration generator designed to build and optimize server configuration files through a visual interface. It functions as a management tool to help avoid manual syntax errors when defining server blocks. The project provides specialized utilities for implementing Gzip and Brotli compression, configuring caching strategies, and managing the deployment and renewal of SSL certificates. It also includes a reverse proxy configurator for defining routing rules and backend application server mappings to distribute network traffic. Additional capabilities cove
Generates security-focused HTTP response headers to protect servers from common vulnerabilities.
This project is a request router and web framework for the Go programming language. It provides a toolkit for matching incoming HTTP network requests to specific handler functions by evaluating criteria such as URL paths, request methods, headers, and hostnames. The framework distinguishes itself through its flexible matching capabilities, which include support for regular expressions and dynamic variable extraction from URL segments. It allows developers to organize routes into logical hierarchies, share common path prefixes, and maintain a central registry of named routes to facilitate prog
Configures response headers automatically based on defined HTTP methods to simplify cross-origin requests.
This project is a modular, open-source customer relationship management platform built on the Laravel framework. It serves as a comprehensive business application framework designed for tracking sales pipelines, managing business entities, and automating marketing workflows. By providing a self-hosted solution, it enables organizations to maintain full control over their contact data, sales leads, and communication history. The platform distinguishes itself through a highly extensible architecture that allows developers to modify core behavior without altering the underlying source code. It u
Applies browser-side security policies via HTTP response headers to mitigate common web vulnerabilities.
This project is a styling library and framework designed for component-based architectures, enabling developers to define and manage visual styles directly within JavaScript or TypeScript. It functions as a styling engine that generates unique class names from style definitions, ensuring encapsulated, predictable, and maintainable visual presentation across applications. By integrating with component logic, it allows for the creation of reusable UI elements with styles defined through template literals or object syntax. The library distinguishes itself through a comprehensive suite of build-t
Ensures compliance with strict content security policies by applying security nonces to dynamically generated style elements.
WebFundamentals is a documentation build system and static site generator designed to automate the lifecycle of technical content. It provides a comprehensive web content pipeline that transforms markdown, HTML, and YAML source files into structured, navigable documentation sites. The project distinguishes itself through integrated support for multi-language content localization and automated build pipeline management. It handles complex site requirements by managing user language preferences, enforcing consistent code quality and style standards, and applying security-header middleware to re
Applies security headers to HTTP responses to prevent unauthorized framing and enhance site security.
This project is a comprehensive library of reusable configuration patterns for the Apache web server. It provides a collection of server-side directives designed to manage security, performance, and request routing through decentralized configuration files. The repository serves as a reference for implementing server-level settings without requiring global restarts. It includes specialized patterns for enforcing secure connections, managing cross-origin resource sharing, and protecting sensitive system files from public exposure. Users can leverage these snippets to implement clickjacking pro
Applies security-focused HTTP response headers to mitigate common web vulnerabilities.
Nitter is a privacy-focused, alternative web interface for viewing public social media content. It functions as a server-side proxy that fetches and renders external posts, allowing users to browse content without requiring a personal account or executing third-party tracking scripts. By stripping away user identifiers and tracking mechanisms, the application provides a lightweight, anonymous viewing experience. The project distinguishes itself through its emphasis on network-level privacy and self-sovereignty. It supports routing traffic through Tor and I2P networks to bypass censorship and
Applies strict security headers and content policies to incoming requests to protect users from tracking, cross-site scripting, and unauthorized resource access.
This project is a service mesh platform designed to manage, secure, and observe service-to-service communication within Kubernetes clusters. It functions as a control plane that orchestrates transparent sidecar proxies, which intercept and manage network traffic to provide reliable connectivity for microservices. By automating the injection of these proxies, the platform ensures that infrastructure-level policies are applied consistently across all workloads without requiring manual configuration changes. The platform distinguishes itself through its focus on zero-trust security and cross-clu
Prevents the exposure of confidential information during live traffic monitoring.
Helmet is an Express.js middleware library that sets a comprehensive collection of HTTP security headers to protect web applications from common vulnerabilities like cross-site scripting and clickjacking. At its core, it provides a configurable middleware system for injecting security headers into HTTP responses, with a primary focus on Content Security Policy configuration through custom directives and report-only testing modes. The library distinguishes itself through a flexible configuration surface that supports method chaining for composing multiple headers in a single expression, as wel
Protects Express web applications from common vulnerabilities by setting secure HTTP response headers.
BunkerWeb is a containerized suite of infrastructure tools that functions as a cloud-native web application firewall and Nginx reverse proxy. It provides a security layer for web applications, combining traffic routing with automated SSL certificate management and a web-based security dashboard for monitoring and configuration. The project distinguishes itself through its deep integration with container orchestrators, serving as a Kubernetes ingress controller that automates security settings and service discovery via container labels. It features a plugin-based extension model and a manageme
Injects security-focused HTTP response headers to harden browser-side security and implement CORS policies.
Connect is an HTTP middleware framework and routing library designed as a wrapper for the Node.js HTTP server. It serves as a middleware composition engine that allows for the creation of chains of request handlers to process HTTP traffic and manage application errors. The framework enables the orchestration of pluggable functions to execute security, logic, and routing rules in a specific sequence. It provides the ability to match incoming request URLs to specific logic handlers based on path prefixes. The system covers broader capabilities including centralized error handling to ensure con
Sets security-focused response headers to protect clients from common web vulnerabilities.
all-in-one is a containerized deployment system designed to install and manage a complete suite of productivity and collaboration services. It functions as a cloud suite deployer that orchestrates the installation of a self-hosted content platform, incorporating necessary dependencies via Docker or Kubernetes. The project distinguishes itself by providing a web-based dashboard for orchestrating, updating, and monitoring the lifecycle of service containers. It also serves as a local AI inference server, enabling the execution of generative text models, image diffusion, and speech processing on
Configures HTTP response headers to protect against MIME-sniffing, clickjacking, and other web vulnerabilities.
Gixy is a static configuration analyzer and security auditor for Nginx. It functions as an infrastructure-as-code security scanner and web server configuration linter designed to identify vulnerabilities and misconfigurations in server definitions before deployment. The tool focuses on detecting high-risk security flaws, including host header spoofing, server-side request forgery, and path traversal. It specifically audits Nginx configurations for risks such as HTTP splitting, multiline header issues, and unauthorized third-party access resulting from incorrect Referer or Origin header patter
Identifies instances where response headers are discarded due to inheritance rules in nested configuration blocks.
This project is a production-ready template for building RESTful APIs using Node.js and the Express web framework. It provides a pre-configured structure for backend services, integrating a MongoDB Mongoose ODM framework for data modeling and a token-based security system for managing user identity. The boilerplate distinguishes itself through automated API documentation generated via Swagger by parsing code comments. It implements a layered controller architecture and a middleware-based request pipeline to separate routing logic from business logic and security processing. The system covers
Configures HTTP response headers to protect the application from common web vulnerabilities and unauthorized access.
This project is a web framework performance benchmark suite and automated benchmarking orchestrator. It serves as a multi-language performance analysis tool designed to measure execution speed, throughput, and latency across various HTTP libraries and programming ecosystems. The system functions as an HTTP framework comparison tool that evaluates relative efficiency using consistent hardware and request patterns. It automates the build, deployment, and execution cycles necessary to collect stable performance data and compute metrics such as error rates and latency percentiles. The suite eval
Injects protective headers like Content-Security-Policy and X-Frame-Options to mitigate common vulnerabilities.
CodeIgniter is a PHP web framework built on the Model-View-Controller pattern, designed for building full-stack web applications. It provides a lightweight toolkit with minimal configuration, organizing application logic into controllers, models, and views for clean separation of concerns. The framework includes a fluent query builder for constructing SQL statements programmatically, PSR-4 autoloading with namespace mapping, and a service-based dependency injection container for managing shared class instances. The framework distinguishes itself through its comprehensive set of built-in tools
CodeIgniter attaches HTTP response headers that help protect against common web vulnerabilities.
django-cors-headers is a utility for Django applications for managing Cross-Origin Resource Sharing (CORS). It adds HTTP headers to responses so that web browsers can allow cross-origin requests from specified external domains. The project provides tools for defining the external domains, HTTP methods, and headers that are permitted to access an API. It supports restricting allowed origins through static lists and regular expressions, and allows cookies and authentication credentials to be sent for cross-site session management. Additional capabilities include API access control to limit cross-origin sharing to specific URL patterns, and handling of preflight headers for private networks to allow communication between public IP addresses and servers on private networks.
Provides settings to define which non-standard response headers are accessible to client-side applications.
Oak is a cross-runtime HTTP middleware framework and web server designed to operate across Deno, Node.js, Bun, and Cloudflare Workers. It provides a unified system for building APIs and web servers using a sequential chain of middleware functions and a hierarchical routing engine that maps URL paths to handlers via a nested tree structure. The framework includes a runtime-agnostic serverless adapter that translates diverse cloud provider events into a standard request and response interface. It also features a dedicated WebSocket server implementation for bidirectional real-time communication
Configures security-related HTTP response headers to protect applications from common web vulnerabilities.
LoopBack Next is a Node.js API framework used for building REST and multi-protocol APIs. It functions as an OpenAPI server implementation that can either generate machine-readable specifications from code or produce implementation controllers and models from existing specifications. The framework stands out through a central dependency injection container and a data access layer based on the repository pattern. This architecture decouples application logic from component construction and persistent storage, enabling a pluggable system where data sources and business logic are isolated through a standardized connector system. The project covers a wide range of capabilities, including role-based access control with pluggable authentication strategies and orchestration of external REST and SOAP services. It also provides tools for real-time communication through WebSocket endpoints, JSON schema validation, and automated project scaffolding through a command-line interface. Development is supported by a set of CLI tools for application bootstrapping, API component generation, and project dependency management.
Implements security-focused HTTP response headers to protect the application from common web vulnerabilities.