Lukas 5d9cef7760 TASK-013: Add nginx security headers (CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy) ...

- Added OWASP-recommended security headers to nginx server block
- CSP allows same-origin scripts and inline styles (required for Fluent UI v9)
- X-Frame-Options: DENY prevents clickjacking
- X-Content-Type-Options: nosniff prevents MIME-sniffing
- Referrer-Policy: no-referrer prevents URL leakage
- Permissions-Policy: disables geolocation, microphone, camera APIs
- HSTS commented out until HTTPS is fully configured
- All headers use 'always' directive for error responses (4xx, 5xx)
- Updated Architekture.md with security header documentation

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

2026-04-26 13:35:15 +02:00

..

fail2ban-dev-config

Switch dashboard/map/history views to archive source for long-term data

2026-04-05 20:21:54 +02:00

check_ban_status.sh

Rename dev jail bangui-sim to manual-Jail

2026-03-15 14:09:49 +01:00

compose.debug.yml

Backend refactoring updates

2026-04-26 12:05:01 +02:00

compose.prod.yml

Add multi-worker detection for APScheduler safety

2026-04-26 11:39:51 +02:00

docker-compose.yml

Docker: add PUID/PGID env vars, fix env format, add release script and VERSION

2026-03-16 19:22:16 +01:00

Dockerfile.backend

Add multi-worker detection for APScheduler safety

2026-04-26 11:39:51 +02:00

Dockerfile.frontend

docker files

2026-03-15 18:10:25 +01:00

nginx.conf

TASK-013: Add nginx security headers (CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy)

2026-04-26 13:35:15 +02:00

push.sh

fix: remove invalid --security-opt flag from push.sh build commands

2026-03-17 18:18:25 +01:00

release.sh

backup

2026-03-24 19:46:12 +01:00

simulate_failed_logins.sh

Rename dev jail bangui-sim to manual-Jail

2026-03-15 14:09:49 +01:00

VERSION

chore: release v0.9.19

2026-04-05 22:47:42 +02:00