krakenjs/lusca

Application security for express apps.

JavaScriptNOASSERTION

Issues

CSRF token is mismatch even in correct things.
#154 opened a year ago by Fyphen1223
1
Rename csrf blacklist/whitelist configs
#143 opened 4 years ago by JevinAnderson
1
CSRF token missing at app.use(lusca.csrf())
#135 opened 4 years ago by darklight147
0
Setting CSRF token on the blacklisted routes.
#142 opened 4 years ago by ohpyupi
0
Nonce is not being generated
#136 opened 5 years ago by danielcl
2
lusca.xframe value - "ALLOW-FROM uri" is obselete
#141 opened 4 years ago by kruthivijay31
0
Cookie “XSRF-TOKEN” will be soon rejected
#139 opened 5 years ago by miclill
1
Change CSRF-Token name
#138 opened 5 years ago by molerat619
0
CSP policy is wrong when whitespace is missing before 'self'
#137 opened 5 years ago by danielcl
0
How skip api css js avoid redundant？
#134 opened 5 years ago by lichspace
0
lusca requires req.session
#133 opened 5 years ago by matharuajay
0
use postman in chrome found error : CSRF token missing
#73 opened 9 years ago by simdm
12
DNS Rebinding protection
#131 opened 6 years ago by brannondorsey
0
Is helmet needed with lusca?
#127 opened 6 years ago by khaledosman
2
update tests and dependencies
#107 opened 6 years ago by gabrielcsapo
0
How to send post with CSRF token without manually adding a form or whitelisting/blacklisting
#126 opened 6 years ago by djaffer
2
Support CSRF black/white listing on URL params
#123 opened 7 years ago by mjy78
2
X-XSS-Protection report uri
#124 opened 7 years ago by theel0ja
1
CSRF blacklist and whitelist not working as expected for multiple endpoints.
#128 opened 6 years ago by gladchinda
1
Exempting XSRF-TOKEN for some requests
#119 opened 7 years ago by beshad
2
csrf http2 token validation fails while http1 passes
#117 opened 7 years ago by avoidwork
2
CSRF error status code
#116 opened 7 years ago by zisiszikos
3
CSRF: Disable error log?
#62 opened 9 years ago by uptownhr
1
Error: CSRF token mismatch
#97 opened 8 years ago by erbridge
3
DDOS - does lusca contains protection from ddos attacks
#115 opened 7 years ago by maxprog
2
CSRF: Move from 10 Bytes to 9 or 12.
#109 opened 7 years ago by jagracey
0
How to get XSRF token before first post request
#95 opened 8 years ago
5
Are resave and saveUninitialized options for sessions required?
#106 opened 7 years ago by sbking
0
CSRF:how to provide a specific list of urls for check-CSRF to ignore
#105 opened 7 years ago by finmily
1
Secure csrf
#78 opened 9 years ago by mrazvan21
6
Warning that a promise was created in a handler but not returned from it
#101 opened 8 years ago by nstuyvesant
0
Error: CSRF token missing
#58 opened 10 years ago by makromat
11
|
#98 opened 8 years ago by SensationSama
0
Basic Security with Node, Express and Lusca
#88 opened 9 years ago
1
Lusca + Angular2 Problems
#93 opened 8 years ago by vgogov
3
socket.io Content-Security-Policy Host
#90 opened 8 years ago by theage
3
Lusca and nginx best practices
#89 opened 8 years ago by titoesteves
3
how to allow bypass security from one route
#92 opened 8 years ago by luisfusim
2
support for CSP's block-all-mixed-content
#69 opened 9 years ago by turboMaCk
1
Error: CSRF token missing
#54 opened 9 years ago by anjali-chadha
9
CSRF Query
#61 opened 9 years ago by gabeio
18
how to submit a (enctype="multipart/form-data") form with csrf
#74 opened 9 years ago by nguowk
0
CSRF token missing for enctype="multipart/form-data"
#70 opened 9 years ago by erbridge
4
Invalidate CSRF token
#68 opened 9 years ago by kumarmugu
7
REST API sessionless
#64 opened 9 years ago by fondberg
2
lusca with client-sesson fails
#65 opened 9 years ago by muthu-cs
3
CSRF Hooks
#63 opened 9 years ago by uptownhr
1
IE and Safari block third-party cookies, by default causing csrf issues in iframe
#53 opened 10 years ago by shaunwarman
2
Test issue
#52 opened 10 years ago by jeffharrell
0
A way to defer the header setup
#48 opened 10 years ago by facundocabrera
3