soulsync/core/security
BoulderBadgeDad 5e5bc12e45 Security: add gated security headers in reverse-proxy mode (Tier 2)
Fold a conservative security-header set into the SAME opt-in proxy mode, so it's
zero-impact when off. When security.trust_reverse_proxy is on, an after_request
adds X-Content-Type-Options: nosniff, X-Frame-Options: SAMEORIGIN, and HSTS
(safe — only honoured over the proxy's HTTPS), via setdefault so it never clobbers
a header the proxy already set. No CSP (needs per-deploy tuning; better at the
proxy). When OFF (default), the after_request isn't registered → no headers added.

Tests: off adds none of the headers; on adds all three. Doc updated. 6 tests pass.
2026-06-10 20:48:51 -07:00
..
__init__.py Security: enforce the launch PIN server-side, not just a client overlay (#832) 2026-06-09 22:19:14 -07:00
launch_lock.py Fix: launch PIN re-triggered the first-run setup wizard every visit (#842) 2026-06-10 11:40:47 -07:00
rate_limit.py Security: brute-force limiter on the launch-PIN unlock (Tier 2) 2026-06-10 20:47:46 -07:00
reverse_proxy.py Security: add gated security headers in reverse-proxy mode (Tier 2) 2026-06-10 20:48:51 -07:00