Security · drogonframework/drogon#646

(4 comments) (0 reactions) (0 assignees)C++ (10,462 stars) (1,014 forks)batch import

enhancementgood first issue

Description

How is security preparation for both of maintainers and drogon users ? Here are something I hope in drogon's roadmap : some security advice with drogon specific code in the documentation , default security tightening in starter projects (example, authentication and authorization in default state of starter projects) and security enhancement in default state of drogon .

In PHP world, here is some notable security advice of yii2 framework maintainers with yii2 specific codes : https://www.yiiframework.com/doc/guide/2.0/en/security-overview

Thank you for your awesome library.

Contributor guide

Tech stack: cpp
Domain: securitydocumentationbackend
Issue type: feature
Difficulty: 4
Estimated time: over 1 week
Activity status: stale
Clarity: clear
Prerequisites: C++drogon basicsweb security
Newbie friendliness: 20
Research direction: Examine the existing documentation in the docs/ directory and starter templates in the examples/ folder. Identify areas lacking security advice and default security measures. Implement security headers, CSRF protection, and authentication middleware as suggested. Engage with maintainers via issue comments to confirm approach and acceptance criteria. The issue itself does not provide specific implementation details, so research into common web security practices for C++ frameworks is needed.