managarten

mirror of https://github.com/Memo-2023/mana-monorepo.git synced 2026-05-15 15:59:40 +02:00

History

Till JS f5ee3aae20 feat(security): add unified CSP headers to all 17 web apps Create @manacore/shared-utils/security-headers with setSecurityHeaders() utility that sets standard security headers (CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy). CSP includes stats.mana.how (Umami) and glitchtip.mana.how by default. Each app passes its own connectSrc origins (auth URL, backend URL, etc.). Previously only Calendar and Storage had CSP headers - now all 17 web apps have consistent security headers via the shared utility. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-22 18:53:40 +01:00
..
backend	feat(error-tracking): complete GlitchTip integration for all backends	2026-03-19 21:47:27 +01:00
web	feat(security): add unified CSP headers to all 17 web apps	2026-03-22 18:53:40 +01:00

Till JS f5ee3aae20 feat(security): add unified CSP headers to all 17 web apps

Create @manacore/shared-utils/security-headers with setSecurityHeaders()
utility that sets standard security headers (CSP, X-Frame-Options,
X-Content-Type-Options, Referrer-Policy, Permissions-Policy).

CSP includes stats.mana.how (Umami) and glitchtip.mana.how by default.
Each app passes its own connectSrc origins (auth URL, backend URL, etc.).

Previously only Calendar and Storage had CSP headers - now all 17 web
apps have consistent security headers via the shared utility.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-22 18:53:40 +01:00

backend

feat(error-tracking): complete GlitchTip integration for all backends

2026-03-19 21:47:27 +01:00

web

feat(security): add unified CSP headers to all 17 web apps

2026-03-22 18:53:40 +01:00