 chiappa
|
67011c8cea
fix: prefix session cookie with __Host- in production (SEC_REVIEW F57)
|
4 giorni fa |
|
chiappa
|
30c0604e49
fix: rotate CSRF token on session-id regeneration (SEC_REVIEW F40)
|
4 giorni fa |
|
chiappa
|
55156c51d8
fix: validate next-redirect targets to block off-origin Location values (SEC_REVIEW F10)
|
5 giorni fa |
|
chiappa
|
f811b25734
fix: fail-closed on session id rotation when headers already sent (SEC_REVIEW F8)
|
5 giorni fa |
|
chiappa
|
63d5a8d4e9
feat(M14): security hardening
|
1 settimana fa |
|
chiappa
|
726d8642ce
feat(M08): ui scaffold, OIDC + local admin auth, session, ApiClient
|
1 settimana fa |
