Timothy DeHerrera
|
1e5ed28788
|
docs: add security documentation with trust model and CSP
Add Security section to README documenting:
- Trust model (untrusted content, trusted binary)
- HTML passthrough implications
- URL escaping behavior
Create docs/content/features/security.md with:
- Detailed trust model table
- Content processing security notes
- CSP header recommendations
- Platform-specific examples (Cloudflare, Netlify, Nginx)
Closes audit recommendations 4 and 5.
|
2026-02-05 17:22:34 -07:00 |
|