Want to get involved in developing SMF, then why not lend a hand on our github!

Main Menu

Some modern security for SMF 2.1

Started by Chief of Nothing, March 31, 2021, 09:30:27 AM

Previous topic - Next topic

Chief of Nothing

Not sure where to put this so hopefully this board is the right one.

I've coded and am still working on a bunch of security features for SMF2.1 that I believe should be core features and would like to show and get some feedback from the SMF developers. Due to the nature of the borrowed bandwidth that'll be used (it's not my hosting but a freinds) unfortunately I can't just paste the webpage with the screenshots and explanations for the security features here for all and sundry (sorry everyone). As I'm new to these forums it seems I can't PM the url to any interested developer either so not sure what to do.

So far I have done the security related HTTP reponse headers (completed), Subresource Integrity (partially done, only done jQuery so far) and also DNS prefetch, which is not security but a performance thing.

Hopefully some of the relevant members will see this and respond.

Best to you all...


SMF2.1 Is on GitHub so you can just open a pr with your changes and discuss them with our developers there. Also keep in mind that this version is pretty much feature frozen so we can try our hardest to get the final version released.


You could upload your changes to your on repository on GitHub

There are currently two seemingly related pull requests currently awaiting review that may conflict with your changes:     

Chief of Nothing

Thanks Illori and live627,

Looks like I'll being joining GitHub and learning Git sooner than anticipated though I doubt, given my so far limited understanding of Git terminology, that I'm ready for a PR.


Address the process rather than the outcome.  Then, the outcome becomes more likely.   - Fripp