📦 This repository contains all the content of the OWASP Secure Headers Project (also named OSHP).
🗺️ The OSHP project is composed of the following projects:
- Main site: It is the core of the OSHP and provide the information about HTTP security headers.
- Called
mainsite. - Content is here.
- Called
- Validator: Venom tests suite to validate an HTTP security response headers configuration against OSHP recommendation.
- Called
validator. - Content is here.
- Called
- Statistics: Statistics about HTTP response security headers usage mentioned by the OSHP.
- Called
statistics. - Content is here.
- Called
- The base of the repository contains the main site.
- The other projects are stored in the folder subprojects: Each sub projects have it own folder.
- The project official logo is stored into the folder logo as well as into the OWASP Swag GitHub repository.
- The folder ci (CI for Continuous Integration) contains materials to generate or update content using GitHub actions workflows.
📝 The naming convention used is [project_call_name]_[action]_[target].yml where:
[project_call_name]is the project call name defined above.[action]can be(validate|monitor|generate).
🔋 Health status:
| Status | File |
|---|---|
| 📄 | |
| 📄 | |
| 📄 | |
| 📄 | |
| 📄 | |
| 📄 | |
| 📄 | |
| 📄 | |
| 📄 |
💬 Both are handled using the following GitHub features:
👩💻 Content editing is done with Visual Studio Code.
📦 A workspace file is provided with recommended extensions.
📩 This template is used to announce news on social media about OSHP update:
📡 OWASP Secure Headers Project: [MESSAGE].
#appsec #appsecurity #owasp_shp
[PRINT_SCREEN_IN_PNG_FORMAT_WHEN_APPLICABLE]
📖 [LINK_TO_OSHP_SECTION]
💡 Source used:
[LINK_TO_SOURCE_USED]
🧑💻 Ricardo Iramar
💌 Contributors to OSHP, before the migration of the project to GitHub:
💌 Visit this page for updated information about the contributors since the migration of the project to GitHub.
📑 This project content is free to use. It is licensed under the Apache 2.0 License.
