SharepointToolbox-Web

kawa/SharepointToolbox-Web

Fork 0

Commit Graph

Author	SHA1	Message	Date
kawa	c4a1775d7d	Harden auth, headers, and container per OWASP review - Add per-account lockout + IP rate limiter on local sign-in (A07) - Emit CSP and security headers on every response (A05) - Run container as non-root `app`, /data 0700 (A05/A02) - Stop reflecting raw token-endpoint body into redirect URL (A09) - Handle missing refresh_token in connect callback without a 500 Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-06-11 14:30:19 +02:00
kawa	78881b83a2	Merge branch 'main' of https://git.azuze.fr/kawa/SharepointToolbox-Web	2026-06-02 17:13:09 +02:00
kawa	d19092c84e	Initial commit	2026-06-02 10:56:03 +02:00

Author

SHA1

Message

Date

kawa

c4a1775d7d

Harden auth, headers, and container per OWASP review

- Add per-account lockout + IP rate limiter on local sign-in (A07)
- Emit CSP and security headers on every response (A05)
- Run container as non-root `app`, /data 0700 (A05/A02)
- Stop reflecting raw token-endpoint body into redirect URL (A09)
- Handle missing refresh_token in connect callback without a 500

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

2026-06-11 14:30:19 +02:00

kawa

78881b83a2

Merge branch 'main' of https://git.azuze.fr/kawa/SharepointToolbox-Web

2026-06-02 17:13:09 +02:00

kawa

d19092c84e

Initial commit

2026-06-02 10:56:03 +02:00

3 Commits