SMF Development > Feature Requests

Some modern security for SMF 2.1

(1/1)

Chief of Nothing:
Not sure where to put this so hopefully this board is the right one.

I've coded and am still working on a bunch of security features for SMF2.1 that I believe should be core features and would like to show and get some feedback from the SMF developers. Due to the nature of the borrowed bandwidth that'll be used (it's not my hosting but a freinds) unfortunately I can't just paste the webpage with the screenshots and explanations for the security features here for all and sundry (sorry everyone). As I'm new to these forums it seems I can't PM the url to any interested developer either so not sure what to do.

So far I have done the security related HTTP reponse headers (completed), Subresource Integrity (partially done, only done jQuery so far) and also DNS prefetch, which is not security but a performance thing.

Hopefully some of the relevant members will see this and respond.

Best to you all...

Illori:
SMF2.1 Is on GitHub so you can just open a pr with your changes and discuss them with our developers there. Also keep in mind that this version is pretty much feature frozen so we can try our hardest to get the final version released.

live627:
You could upload your changes to your on repository on GitHub

There are currently two seemingly related pull requests currently awaiting review that may conflict with your changes:     
* added samesite Cookie settings
* Allow CORS requests in SMF  

Chief of Nothing:
Thanks Illori and live627,

Looks like I'll being joining GitHub and learning Git sooner than anticipated though I doubt, given my so far limited understanding of Git terminology, that I'm ready for a PR.

shawnb61:
This may help with the GitHub learning curve:
https://www.simplemachines.org/community/index.php?topic=576283.0

Navigation

[0] Message Index

Go to full version