#1230 Web Frontend Security category#1809

Merged

tghosth merged 12 commits intoOWASP:masterfrom elarlang:asvs-1230-web-frontend-security

Dec 21, 2023

+88-24

Commits on Dec 15, 2023

OWASP#1230 - Skeleton for the ‘Web Frontend Security’ category
Elar Lang
committed
OWASP#1299 - new requirement 'one application per hostname' as 50.1.1, deprecates 3.4.5 (cookie path)
Elar Lang
committed
OWASP#1230 - move browser security related headers to V50.2 (some were left behind, see OWASP#1808 ).
Elar Lang
committed
OWASP#1230 , OWASP#1652 - request origin validation related requirements to brower-related category
Elar Lang
committed
relocating V14.4 > V50.2 related references
Elar Lang
committed
OWASP#903 - JSONP related requirements in, but still requires some improvement OWASP#903 (comment)
Elar Lang
committed
OWASP#1230 , OWASP#1406 - move 'xss from uploaded file' requirements to V50.5
Elar Lang
committed
OWASP#1230 , OWASP#1009 - do not serve content if you don't need to, needs confirm OWASP#1009 (comment)
Elar Lang
committed
OWASP#1230 - sri to V50.6
Elar Lang
committed
not that nice linting rules...
Elar Lang
committed
not that nice linting rules++
Elar Lang
committed
tag fix for 50.6.1, new tag 'deprecates'
Elar Lang
committed