Skip to content
/ nuxt-security Public

πŸ›‘ Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware

nuxt-security.vercel.app/

License

MIT license
881 stars 65 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Baroshem/nuxt-security

108 Branches51 Tags
This branch is 1 commit ahead of, 51 commits behind main.

Folders and files

NameName
Last commit message
Last commit date

Latest commit

vejjavejja
chore(release): v2.1.5
Nov 30, 2024
2a8363a Β· Nov 30, 2024

History

827 Commits
.github
.github
Nov 22, 2024
.stackblitz
.stackblitz
May 31, 2024
docs
docs
Nov 29, 2024
playground
playground
Nov 19, 2024
src
src
Nov 30, 2024
test
test
Aug 9, 2024
.editorconfig
.editorconfig
Oct 6, 2022
.eslintignore
.eslintignore
Oct 6, 2022
.eslintrc
.eslintrc
Oct 19, 2023
.gitignore
.gitignore
Oct 26, 2023
.npmrc
.npmrc
Oct 17, 2023
.nuxtrc
.nuxtrc
Oct 17, 2023
.prettierrc
.prettierrc
Feb 17, 2024
CHANGELOG.md
CHANGELOG.md
Nov 30, 2024
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
Nov 4, 2022
LICENSE.md
LICENSE.md
Feb 28, 2023
README.md
README.md
Apr 3, 2024
SECURITY.md
SECURITY.md
Oct 26, 2023
package.json
package.json
Nov 30, 2024
tsconfig.json
tsconfig.json
May 4, 2024
yarn.lock
yarn.lock
Nov 22, 2024

Repository files navigation

nuxt-security

npm version npm downloads Github Actions CI License Nuxt

Nuxt Security

Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware.

This module works with Nuxt 3 only

Features

  • Security response headers (including CSP for SSG apps)
  • Request Size & Rate Limiters
  • Cross Site Scripting (XSS) Validation
  • Cross-Origin Resource Sharing (CORS) support
  • Hide X-Powered-By header and remove console loggers utils
  • [Optional] Allowed HTTP Methods, Basic Auth, CSRF

Usage

Install the module:

npx nuxi@latest module add security

And that's it! The module will now register route rules and server middlewares globally so that your application will be more secured.

Configuration

You can pass configuration to the module in the nuxt.config.ts like following:

export default defineNuxtConfig({
  modules: ["nuxt-security"],
  security: {
    // options
  }
})

For all available configuration options check out the docs.

Development

  • Run yarn dev:prepare to generate type stubs.
  • Use yarn dev to start playground in development mode.

License

MIT License

About

πŸ›‘ Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware

nuxt-security.vercel.app/

Topics

cors security module vue rate-limiting nuxt xss owasp csrf basic-authentication nonce headers-security

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Security policy

Security policy
Activity

Stars

881 stars

Watchers

4 watching

Forks

65 forks
Report repository

Releases 45

v2.2.0 Latest
Mar 4, 2025
+ 44 releases

Used by 1.3k

  • @AloisSeckar
  • @hramtsov13
  • @LeonKohli
  • @vincenzo-assenza
  • @Humphreyj
  • @skiwi1212
  • @tomekos11
  • @Drop-OSS
+ 1,247

Contributors 50

+ 36 contributors

Languages