2 Commits

Author	SHA1	Message	Date
Torsten Schulz (local)	6d6a14ac48	Update cookie SameSite configuration and secure options for improved security compliance ... This commit enhances the cookie handling logic by providing detailed comments on the SameSite attribute options and their implications for security. It sets the default SameSite value to 'none' to allow iframe embedding while ensuring that Secure is true when SameSite is 'none'. Additionally, it adds a warning for cases where SameSite is 'none' but Secure is false, improving the overall security posture of cookie management.	2026-01-11 21:10:00 +01:00
Torsten Schulz (local)	673c34ac9d	Update Apache SSL configuration and enhance security features across multiple files. Changed X-Frame-Options to SAMEORIGIN for better security, added optional Content Security Policy headers for testing, and improved password handling with HaveIBeenPwned checks during user registration and password reset. Implemented passkey login functionality in the authentication flow, including UI updates for user experience. Enhanced image upload processing with size limits and validation, and added rate limiting for various API endpoints to prevent abuse.	2026-01-05 11:50:57 +01:00