Skip to content
/ nuxt-security Public

πŸ›‘ Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware

nuxt-security.vercel.app/

License

MIT license
892 stars 69 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Baroshem/nuxt-security

108 Branches51 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

BaroshemBaroshem
Merge pull request #625 from OndrejSerek/patch-1
May 9, 2025
94ec6ac Β· May 9, 2025

History

879 Commits
.github
.github
Jan 26, 2025
.stackblitz
.stackblitz
May 31, 2024
docs
docs
May 5, 2025
playground
playground
Nov 28, 2024
src
src
Mar 4, 2025
test
test
Mar 4, 2025
.editorconfig
.editorconfig
Oct 6, 2022
.eslintignore
.eslintignore
Oct 6, 2022
.eslintrc
.eslintrc
Oct 19, 2023
.gitignore
.gitignore
Oct 26, 2023
.npmrc
.npmrc
Oct 17, 2023
.nuxtrc
.nuxtrc
Oct 17, 2023
.prettierrc
.prettierrc
Feb 17, 2024
CHANGELOG.md
CHANGELOG.md
Nov 22, 2024
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
Nov 4, 2022
LICENSE.md
LICENSE.md
Dec 23, 2024
README.md
README.md
Mar 4, 2025
SECURITY.md
SECURITY.md
Oct 26, 2023
package.json
package.json
Mar 4, 2025
tsconfig.json
tsconfig.json
May 4, 2024
yarn.lock
yarn.lock
Nov 22, 2024

Repository files navigation

nuxt-security

npm version npm downloads Github Actions CI License Nuxt

Nuxt Security

Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware.

This module works with Nuxt 3 only

Features

  • Security response headers (including CSP for SSG apps)
  • Request Size & Rate Limiters
  • Cross Site Scripting (XSS) Validation
  • Cross-Origin Resource Sharing (CORS) support
  • Hide X-Powered-By header and remove console loggers utils
  • [Optional] Allowed HTTP Methods, Basic Auth, CSRF

Usage

Install the module:

npx nuxi@latest module add security

And that's it! The module will now register route rules and server middlewares globally so that your application will be more secured.

Configuration

You can pass configuration to the module in the nuxt.config.ts like following:

export default defineNuxtConfig({
  modules: ["nuxt-security"],
  security: {
    // options
  }
})

For all available configuration options check out the docs.

Development

  • Run yarn dev:prepare to generate type stubs.
  • Use yarn dev to start playground in development mode.

License

MIT License

About

πŸ›‘ Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware

nuxt-security.vercel.app/

Topics

cors security module vue rate-limiting nuxt xss owasp csrf basic-authentication nonce headers-security

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Security policy

Security policy
Activity

Stars

892 stars

Watchers

5 watching

Forks

69 forks
Report repository

Releases 45

v2.2.0 Latest
Mar 4, 2025
+ 44 releases

Contributors 51

+ 37 contributors

Languages