Signando HTTP Features
Comprehensive security features for web applications
Path Whitelisting
- Explicit path allowlist
- Regex pattern matching
- Path parameter validation
- Traversal attack prevention
- Query string filtering
- Fragment rejection
Attack Detection
- SQL injection detection
- XSS prevention
- Path traversal blocking
- Command injection detection
- LDAP injection filtering
- Header injection prevention
Form Validation
- Field type validation
- Length constraints
- Format validation (email, URL, etc.)
- Required field enforcement
- Custom regex patterns
- File upload filtering
Security Headers
- Content-Security-Policy
- Strict-Transport-Security
- X-Frame-Options
- X-Content-Type-Options
- Referrer-Policy
- Permissions-Policy
TLS Termination
- TLS 1.2/1.3 support
- Configurable cipher suites
- Certificate management
- OCSP stapling
- SNI support
- Automatic renewal integration
Response Sanitization
- Error message sanitization
- Stack trace removal
- Internal IP filtering
- Database error masking
- Header cleanup
- Cookie security flags