feat: create issue #12 - Security Best Practices
Some checks are pending
Docker Test / test (push) Waiting to run
parent
a83594790f
commit
ed69280bb7
1 changed files with 20 additions and 9 deletions
29
ISSUE-12.md
|
|
@ -1,14 +1,25 @@
|
|||
## Beschreibung
|
||||
## Issue #12: Implement Security Best Practices
|
||||
|
||||
Implementiere die Middleware zur Rollenprüfung für die API-Endpunkte.
|
||||
### Description
|
||||
|
||||
## Aufwandsschätzung
|
||||
Implement security best practices to protect the helpyourneighbour application from common vulnerabilities.
|
||||
|
||||
Ca. 2 Stunden
|
||||
### Acceptance Criteria
|
||||
|
||||
## Akzeptanzkriterien
|
||||
- [ ] Add security headers to HTTP responses
|
||||
- [ ] Implement CORS configuration
|
||||
- [ ] Add CSRF protection
|
||||
- [ ] Secure API endpoints against common attacks
|
||||
- [ ] Review and apply security recommendations
|
||||
|
||||
- Die `requireRole`-Middleware ist implementiert und in allen benötigten Endpunkten eingebunden
|
||||
- Unit-Tests für die Middleware existieren
|
||||
- Die Middleware funktioniert korrekt mit verschiedenen Rollen
|
||||
- Fehlermeldungen bei fehlender Berechtigung sind klar und verständlich
|
||||
### Tasks
|
||||
|
||||
- [ ] Install and configure helmet.js for security headers
|
||||
- [ ] Configure CORS middleware
|
||||
- [ ] Implement CSRF protection
|
||||
- [ ] Add input sanitization
|
||||
- [ ] Review application for security vulnerabilities
|
||||
|
||||
### Notes
|
||||
|
||||
This issue addresses the need to implement security best practices to protect the application from common web vulnerabilities. The implementation will include security headers, CORS configuration, CSRF protection, and input sanitization to ensure the application is secure against attacks like XSS, CSRF, and other common threats.
|
||||
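Review bot: The rewrite of ISSUE-12.md deletes the `requireRole` role-check middleware description, its effort estimate and its four acceptance criteria (Beschreibung through Akzeptanzkriterien) rather than adding the security-hardening issue next to them, so the authorization work is no longer tracked in this file even though the commit title says "create". Put the new text in its own file or keep the role-check criteria. In the new Acceptance Criteria, "Secure API endpoints against common attacks" and "Review and apply security recommendations" cannot be checked off objectively; replace them with testable items, such as which response headers helmet.js must emit, an explicit list of allowed CORS origins, and which state-changing routes must reject requests without a valid CSRF token. Under Tasks, "Add input sanitization" should name input validation and output encoding separately, since the Notes list XSS as a target and sanitizing input alone does not cover it.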