mirror of
https://github.com/lunchcat/sif.git
synced 2026-06-12 19:11:25 -07:00
7efd62c804
adds a -sh/--security-headers scan that flags missing or weak response headers (hsts, csp, x-frame-options, x-content-type-options, referrer-policy, permissions-policy, coop) and headers that leak server internals (server, x-powered-by, ...). hsts is only graded over https where it actually applies. wired into App.Run and the module results.
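The grading this commit message describes, as an added Go example that is not code from sif or from this commit. The `Finding` type, the function names, the 180-day HSTS `max-age` floor and the sample headers are assumptions, and only HSTS is checked for a weak value here.

```go
package main

import (
	"fmt"
	"net/http"
	"strconv"
	"strings"
)

type Finding struct{ Header, Issue string } // hypothetical type, not sif's

// weakHSTS returns why a policy is weak, or "". The 180-day floor is an assumption.
func weakHSTS(v string) string {
	for _, d := range strings.Split(strings.ToLower(v), ";") {
		if d = strings.TrimSpace(d); strings.HasPrefix(d, "max-age=") {
			if n, err := strconv.Atoi(strings.Trim(d[len("max-age="):], `"`)); err != nil || n < 15552000 {
				return "max-age under 180 days"
			}
			return ""
		}
	}
	return "no max-age directive"
}

// Grade flags missing, weak and information-leaking headers of one response.
func Grade(scheme string, h http.Header) (out []Finding) {
	for _, name := range []string{"Strict-Transport-Security", "Content-Security-Policy",
		"X-Frame-Options", "X-Content-Type-Options", "Referrer-Policy",
		"Permissions-Policy", "Cross-Origin-Opener-Policy"} {
		hsts, v := name == "Strict-Transport-Security", h.Get(name)
		switch {
		case hsts && scheme != "https": // not graded: browsers ignore HSTS over HTTP
		case v == "":
			out = append(out, Finding{name, "missing"})
		case hsts && weakHSTS(v) != "":
			out = append(out, Finding{name, weakHSTS(v)})
		}
	}
	for _, name := range []string{"Server", "X-Powered-By"} {
		if v := h.Get(name); v != "" {
			out = append(out, Finding{name, "discloses " + v})
		}
	}
	return out
}

func main() { // constructed sample: plain-HTTP response that leaks its server version
	fmt.Println(Grade("http", http.Header{"Server": {"nginx/1.25.3"}}))
}
```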