44r0n7/privacy.sexy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Improve security and privacy with strict meta tags

Browse Source 
This commit introduces two meta tags to strengthen the application's
security posture and enhance user privacy, following best practices and
OWASP recommendations.

- Add Content-Security-Policy (CSP) to strictly to strictly control
  which resources the application is allowed, mitigating the risk of
  code injection attacks such as Cross-Site Scripting (XSS).
- Add `referrer` meta tag to prevent the users' browser from sending the
  page's address, or referrer, when navigating to another site, thereby
  enhancing user privacy.
This commit is contained in:
undergroundwires
2023-12-06 15:08:58 +01:00
parent daa6230fc9
commit ba5b29a35d
3 changed files with 31 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/desktop-vs-web-features.md
View File

@@ -35,7 +35,7 @@ The desktop version ensures secure delivery through cryptographic signatures and
> **Note for macOS users:** On macOS, the desktop version's auto-update process involves manual steps due to Apple's code signing costs.
> Users get notified about updates but might need to complete the installation manually.
> Your [support through donations](https://github.com/sponsors/undergroundwires) can help improve this process ❤️.
> Consider [donating](https://github.com/sponsors/undergroundwires) to help improve this process ❤️.
### Logging