krakenjs / lusca

Application security for express apps.

krakenjs/lusca Issues

CSRF token is mismatch even in correct things.
Closed 7 months ago1
Rename csrf blacklist/whitelist configs
Closed 3 years ago1
CSRF token missing at app.use(lusca.csrf())
Closed 3 years ago
Setting CSRF token on the blacklisted routes.
Updated 4 years ago
Nonce is not being generated
Updated 4 years ago2
lusca.xframe value - "ALLOW-FROM uri" is obselete
Updated 4 years ago
Cookie “XSRF-TOKEN” will be soon rejected
Updated 4 years ago1
Change CSRF-Token name
Updated 4 years ago
CSP policy is wrong when whitespace is missing before 'self'
Updated 5 years ago
How skip api css js avoid redundant？
Updated 5 years ago
lusca requires req.session
Updated 5 years ago
use postman in chrome found error : CSRF token missing
Updated 6 years ago12
DNS Rebinding protection
Updated 6 years ago
Is helmet needed with lusca?
Closed 6 years ago2
update tests and dependencies
Closed 6 years ago
How to send post with CSRF token without manually adding a form or whitelisting/blacklisting
Closed 6 years ago2
Support CSRF black/white listing on URL params
Updated 6 years ago2
X-XSS-Protection report uri
Updated 6 years ago1
CSRF blacklist and whitelist not working as expected for multiple endpoints.
Closed 6 years ago1
Exempting XSRF-TOKEN for some requests
Closed 6 years ago2
csrf http2 token validation fails while http1 passes
Closed 6 years ago2
CSRF error status code
Updated 6 years ago3
CSRF: Disable error log?
Updated 6 years ago1
Error: CSRF token mismatch
Closed 8 years ago3
DDOS - does lusca contains protection from ddos attacks
Updated 7 years ago2
CSRF: Move from 10 Bytes to 9 or 12.
Updated 7 years ago
How to get XSRF token before first post request
Updated 7 years ago5
Are resave and saveUninitialized options for sessions required?
Updated 7 years ago
CSRF:how to provide a specific list of urls for check-CSRF to ignore
Closed 7 years ago1
Secure csrf
Updated 7 years ago6
Warning that a promise was created in a handler but not returned from it
Updated 7 years ago
Error: CSRF token missing
Updated 7 years ago11
|
Closed 8 years ago
Basic Security with Node, Express and Lusca
Updated 8 years ago1
Lusca + Angular2 Problems
Closed 8 years ago3
socket.io Content-Security-Policy Host
Updated 8 years ago3
Lusca and nginx best practices
Updated 8 years ago3
how to allow bypass security from one route
Closed 8 years ago2
support for CSP's block-all-mixed-content
Closed 8 years ago1
Error: CSRF token missing
Closed 9 years ago9
CSRF Query
Updated 8 years ago18
how to submit a (enctype="multipart/form-data") form with csrf
Updated 8 years ago
CSRF token missing for enctype="multipart/form-data"
Closed 9 years ago4
Invalidate CSRF token
Updated 9 years ago7
REST API sessionless
Closed 9 years ago2
lusca with client-sesson fails
Closed 9 years ago3
CSRF Hooks
Updated 9 years ago1
IE and Safari block third-party cookies, by default causing csrf issues in iframe
Closed 9 years ago2
Test issue
Closed 9 years ago
A way to defer the header setup
Updated 9 years ago3