Security Tests

Every validation rule is verified with automated tests.

Test Categories

Our test suite covers all aspects of HTTP security validation.

15 Tests

URL path allowlist, traversal prevention, query string validation.

8 Tests

Method allowlist per path, CORS preflight handling.

12 Tests

Content-Type checking, header injection prevention, size limits.

20 Tests

Field validation, type checking, length constraints, format validation.

30 Tests

SQL injection, XSS, command injection, path traversal.

18 Tests

Error sanitization, header cleanup, cookie security.

10 Tests

CSP, HSTS, X-Frame-Options, X-Content-Type-Options injection.

8 Tests

TLS version enforcement, cipher suite validation, certificate checks.

15 Tests

Unicode handling, encoding attacks, malformed requests.

TLS termination with configurable cipher suites and modern cryptographic standards.

Automatic injection of security headers (CSP, HSTS, X-Frame-Options).

Error sanitization removing stack traces, SQL errors, and internal IPs.

Form validation with type, format, and length checks.