Manual
To start the program, run the Secure_Programming binary in the build folder you created in the installation step. Then connect to https://localhost:8080 to access the website (database creation takes around 5 seconds). The website only works over HTTPS; a plain HTTP request fails with ERR_INVALID_HTTP_RESPONSE.
When altering templates, you have to rebuild the project. When adding templates, you have to run otemplate.sh in the buildtools folder before you rebuild the project.
- CSRF Protection
- XSS Protection
- SQL Injection Protection
- Argon2 Password hashing
All the security features are described in the comments of the source code found under src.
The CSRF protection sometimes fails on different production systems. If this happens, just retry the action you tried to perform. Sometimes a CSRF key is not generated in the session, which means that it will be out of sync for one page load.
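One way to avoid the out-of-sync state described above is to create the session's CSRF key lazily in the same call that renders the form, and to reject any request whose session holds no key. The following is an added example in Python, not code from this project; `SESSIONS`, `csrf_token_for`, `render_form` and `verify_csrf` are hypothetical names, and the session store is a constructed in-memory dictionary.

```python
import hmac
import secrets

# Constructed stand-in for a server-side session store: session id -> data.
SESSIONS = {}


def csrf_token_for(session_id):
    """Return the session's CSRF token, creating it on first use.

    Because every page render goes through this function, a form is never
    emitted with a token the session does not hold.
    """
    session = SESSIONS.setdefault(session_id, {})
    if "csrf" not in session:
        session["csrf"] = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
    return session["csrf"]


def render_form(session_id):
    """Embed the session's token in a hidden form field."""
    token = csrf_token_for(session_id)
    return f'<input type="hidden" name="csrf" value="{token}">'


def verify_csrf(session_id, submitted):
    """Fail closed: a missing session token or missing field is a rejection."""
    expected = SESSIONS.get(session_id, {}).get("csrf")
    if not expected or not submitted:
        return False
    # Constant-time comparison so timing does not leak matching prefixes.
    return hmac.compare_digest(expected.encode(), submitted.encode())


def demo():
    sid = "constructed-session-id"
    # No token in the session yet: any submission is rejected.
    before = verify_csrf(sid, "anything")
    form = render_form(sid)
    token = form.split('value="')[1].split('"')[0]
    accepted = verify_csrf(sid, token)
    # A second render reuses the token, so an older open tab still works.
    stable = token in render_form(sid)
    forged = verify_csrf(sid, secrets.token_urlsafe(32))
    return before, accepted, stable, forged


if __name__ == "__main__":
    print(demo())
```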