jshttp.github.io icon indicating copy to clipboard operation
jshttp.github.io copied to clipboard

Published 20 hours ago verified publisher icon jshttp

jshttp/security.md

Open jonathanong opened this issue 11 years ago • 5 comments

i'd like to make a repo for common jshttp security issues, examples/tests, and fixes. @dougwilson you interested in helping?

jonathanong avatar Aug 19 '14 00:08 jonathanong

sure. i was actually thinking about having a security.md file in all our repos today, haha. what did you have in mind? the reason i was thinking about it was that i can make an email account that can just forward to a bunch of us as a contact line or something for non-public communication

dougwilson avatar Aug 19 '14 00:08 dougwilson

all our repos? i was thinkign about a single repo with all the security issues in one place. it'll be a guide to using jshttp modules basically.

i don't think disclosure will be much of an issue - there are a lot of ways people can contact us privately.

jonathanong avatar Aug 19 '14 00:08 jonathanong

ah, gotcha. when you said security.md, i was thinking of the file from that node.js security project, lol. so you mean like an "example use of modules in a secure way" kind of repo

dougwilson avatar Aug 19 '14 00:08 dougwilson

and a "what a lot of frameworks do wrong and how to do it correctly, probably with jshttp/pillarjs modules"

jonathanong avatar Aug 19 '14 00:08 jonathanong

give us street cred, yo

jonathanong avatar Aug 19 '14 00:08 jonathanong