π¦ This repository contains all the content of the OWASP Secure Headers Project (also named OSHP).
πΊοΈ The OSHP project is composed of the following projects:
- Main site: It is the core of the OSHP and provide the information about HTTP security headers.
- Called
mainsite. - Content is here.
- Called
- Validator: Venom tests suite to validate an HTTP security response headers configuration against OSHP recommendation.
- Called
validator. - Content is here.
- Called
- Statistics: Statistics about HTTP response security headers usage mentioned by the OSHP.
- Called
statistics. - Content is here.
- Called
- The base of the repository contains the main site.
- The other projects are stored in the folder subprojects: Each sub projects have it own folder.
- The project official logo is stored into the folder logo as well as into the OWASP Swag GitHub repository.
- The folder ci (CI for Continuous Integration) contains materials to generate or update content using GitHub actions workflows.
π The naming convention used is [project_call_name]_[action]_[target].yml where:
[project_call_name]is the project call name defined above.[action]can be(validate|monitor|generate).
π Health status:
| Status | File |
|---|---|
| π | |
| π | |
| π | |
| π | |
| π | |
| π | |
| π | |
| π | |
| π |
π¬ Both are handled using the following GitHub features:
π©βπ» Content editing is done with Visual Studio Code.
π¦ A workspace file is provided with recommended extensions.
π© This template is used to announce news on social media about OSHP update:
π‘ OWASP Secure Headers Project: [MESSAGE].
#appsec #appsecurity #owasp_shp
[PRINT_SCREEN_IN_PNG_FORMAT_WHEN_APPLICABLE]
π [LINK_TO_OSHP_SECTION]
π‘ Source used:
[LINK_TO_SOURCE_USED]
π§βπ» Ricardo Iramar
π§βπ» Dominique Righetto
π Contributors to OSHP, before the migration of the project to GitHub:
π Visit this page for updated information about the contributors since the migration of the project to GitHub.
π This project content is free to use. It is licensed under the Apache 2.0 License.
