Abdelaziz Elrashed
Abdelaziz Elrashed
It is somehow similar, but not exactly like it. The differences between current organization and proposed one is: - `views` & `messages` directories moved to be inside `resources` directory. -...
After I dived more into the code, I discovered that `init.go` is made for the web access. So, we need another one specific for the APIs. Because, any great app...
Hi, I'm not sure if this the right place for this. But, I think there is should be a two sub accounts for this: 1- Firefox (Default) only open for...
Yes, I think so. But, I prefer a simple solution and I just did it by swap this library with **LevelDB** as a cache. Thanks for your response ^_^
> CSP is already provided in _headers file and it is not recommended to use CSP inside HTML. It should be provided by Nginx / Apache (Web Server) I think...
> Would need to check / make a research about the disadvantages on providing CSP in both ways. Of course there is one issue which is an advantage also, website...
> We also need to add **Nonce-based strict CSP** or **Hash-based strict CSP**. As Passky Website is client side only, we would need to use **Hash-based strict CSP**. > >...
Now if you try to inject any code like: ```js let script = document.createElement("script"); script.innerHTML = "alert('YOU HAVE BEEN HACKED');"; document.body.appendChild(script); ``` It will not allow you to do that...
This is the current status 🙈 