frank/cookslate
frank/cookslate
1
0
Fork 0
Code Issues 50 Pull requests Projects Releases Packages Wiki Activity Actions

Security: Add HTTPS redirect and HSTS header (TRN01/TRN04) #43

New issue
Open
opened 2026-04-22 00:23:53 +00:00 by frank · 0 comments
frank commented 2026-04-22 00:23:53 +00:00
Owner
Copy link

No HTTPS redirect in .htaccess or PHP. No HSTS header configured. Caddy handles TLS in prod but the app doesn't enforce it.\n\nFix: Add HSTS header in Caddy config or .htaccess. Ensure HTTP->HTTPS redirect.\n\nSecurity audit: TRN01 (critical), TRN04 (medium)

No HTTPS redirect in .htaccess or PHP. No HSTS header configured. Caddy handles TLS in prod but the app doesn't enforce it.\n\nFix: Add HSTS header in Caddy config or .htaccess. Ensure HTTP->HTTPS redirect.\n\nSecurity audit: TRN01 (critical), TRN04 (medium)
frank added this to the Launch Prep milestone 2026-04-22 00:23:53 +00:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
No results found.
Labels
Clear labels   
bug

Something isnt working

  
deferred

Intentionally deferred, revisit later

  
documentation

Documentation improvements

  
enhancement

New feature or request

  
feature

New feature or capability

  
infra

Infrastructure, deployment, monitoring

  
integration

Third-party integrations and imports

  
marketing

Marketing, community, and outreach

  
priority:high

High priority

  
priority:low

Low priority

  
priority:medium

Medium priority

  
Pro

Pro/Household tier feature

  
security

Security-related item

  
UX

User experience improvement

No labels
bug
deferred
documentation
enhancement
feature
infra
integration
marketing
priority:high
priority:low
priority:medium
Pro
security
UX
Milestone
Clear milestone
No items
No milestone
Launch Prep
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
frank/cookslate#43
No description provided.