[ Zdroj: flask-talisman ]
Balík: python3-flask-talisman (1.1.0-2)
Odkazy pre python3-flask-talisman
Zdroje Debian:
Stiahnuť zdrojový balík flask-talisman:
- [flask-talisman_1.1.0-2.dsc]
- [flask-talisman_1.1.0.orig.tar.gz]
- [flask-talisman_1.1.0-2.debian.tar.xz]
Správcovia:
Externé zdroje:
- Domovská stránka [github.com]
Podobné balíky:
HTTP security headers for Flask
Talisman is a small Flask extension that handles setting HTTP headers that can help protect against a few common web application security issues.
The default configuration:
* Forces all connects to https, unless running with debug enabled. * Enables HTTP Strict Transport Security. * Sets Flask's session cookie to secure, so it will never be set if your application is somehow accessed via a non-secure connection. * Sets Flask's session cookie to httponly, preventing JavaScript from being able to access its content. CSRF via Ajax uses a separate cookie and should be unaffected. * Sets X-Frame-Options to SAMEORIGIN to avoid clickjacking. * Sets X-XSS-Protection to enable a cross site scripting filter for IE and Safari (note Chrome has removed this and Firefox never supported it). * Sets X-Content-Type-Options to prevent content type sniffing. * Sets a strict Content Security Policy of default-src: 'self'. This is intended to almost completely prevent Cross Site Scripting (XSS) attacks. This is probably the only setting that you should reasonably change. See the Content Security Policy section. * Sets a strict Referrer-Policy of strict-origin-when-cross-origin that governs which referrer information should be included with requests made.
Ostatné balíky súvisiace s balíkom python3-flask-talisman
|
|
|
|
-
- dep: python3
- interactive high-level object-oriented language (default python3 version)
Stiahnuť python3-flask-talisman
Architektúra | Veľkosť balíka | Nainštalovaná veľkosť | Súbory |
---|---|---|---|
all | 15.0 kB | 81.0 kB | [zoznam súborov] |