Check origin protection as a basic CSRF protection. It's a simple Astro config option. Returns `403` if origin does not match. Should we return a `403` page like we do for `404`? Could share an Error Page model as suggested in Custom 500 error pages #158 for `500` pages.
Astro env to restrict access (server/client; public) and type-safety of env variables.
Astro Shield to add Subresource Integrity and Content Security Policy (CSP) headers.
What security measures should we add?
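To make the first item concrete, here is a sketch of what an origin check does before returning `403`. It is an added example, not code from this issue or from Astro; the names `rejectCrossOrigin` and `UNSAFE_METHODS`, the choice to reject a missing `Origin` header, and the sample URLs are assumptions.

```javascript
// Added illustration of an origin check; not Astro's implementation.
// Methods that can change state; reads (GET/HEAD/OPTIONS) are let through.
const UNSAFE_METHODS = new Set(["POST", "PUT", "PATCH", "DELETE"]);

// `request` is any object with `method`, `url` and `headers.get()`, for
// example a Fetch API Request. Returns null when the request may proceed,
// or a 403 Response when its Origin does not match the site's own origin.
function rejectCrossOrigin(request) {
  if (!UNSAFE_METHODS.has(request.method.toUpperCase())) return null;

  // Caveat: behind a reverse proxy, request.url may carry the internal
  // host, so the expected origin should then come from trusted config.
  const expected = new URL(request.url).origin;
  const origin = request.headers.get("origin");

  // Assumption: a missing header is treated as a mismatch. The literal
  // string "null" (sent from sandboxed contexts) never matches either.
  if (origin === expected) return null;

  // This is where a shared Error Page model could render the 403 page.
  return new Response("Cross-site request forbidden", {
    status: 403,
    headers: { "content-type": "text/plain" },
  });
}

// Constructed sample requests (example.test / other.test are placeholders).
function sample(method, origin) {
  const headers = new Headers(origin === undefined ? {} : { origin });
  return { method, url: "https://example.test/api/comment", headers };
}

function demo() {
  return [
    rejectCrossOrigin(sample("POST", "https://example.test")), // same origin
    rejectCrossOrigin(sample("POST", "https://other.test")),   // cross-site
    rejectCrossOrigin(sample("POST", undefined)),              // no header
    rejectCrossOrigin(sample("GET", "https://other.test")),    // safe method
  ].map((res) => (res === null ? "pass" : res.status));
}
```
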