Arag / app /middleware /security_headers.py

Commit History

Fix: CSP connect-src for jsdelivr + better create author error display
6d85d9d

AuthorBot commited on

Fix: CSP expanded to allow Google Fonts and jsdelivr CDN used by admin SPA
5ae645d

AuthorBot commited on

Production hardening: JWT blacklist, TOTP, Pydantic schemas, Prometheus, SSRF fix, CSP, Redis auth, Celery backup — 35 items across P0-P5
131d826

AuthorBot commited on

Fix auth session expiry with shared auto-refresh client for admin panels.
e70f2c6

AuthorBot commited on

Fix SecurityHeadersMiddleware: rewrite as pure ASGI to avoid BaseHTTPMiddleware request body consumption bug
660ca76

AuthorBot commited on

Phase 4+5: Fix rate limiter paths (/api/v1 -> /api/chat|auth|admin), add SecurityHeadersMiddleware (HSTS, XSS, CSRF, CSP), fix QA export auth, fix route ordering
41f0eee

AuthorBot commited on