Add security headers that will make your application more secure by default (including Content Security Policy (CSP) for SSG apps).
Request Size & Rate Limiters
Limit the amount of incoming requests and their size to protect your application against disruptions.
Cross Site Scripting (XSS) Validation
Validate `GET` & `POST` requests against malicious code sent in query or body.
Cross-Origin Resource Sharing (CORS) support
Permit from what origins (domain, scheme, or port) a browser can load resources.
Allowed HTTP Methods
Reject requests that do not match allow list of HTTP methods.
Cross Site Request Forgery (CSRF) protection
Protect against unwanted state change by unaware users.
Discover how it helps ship secure applications
Nuxt Security solves several security issues automatically by implementing Headers and Middleware accordingly to OWASP & OWASP Top 10 documents. For others, it provides optional middleware that will help you handle more advanced cases like Cross Site Request Forgery.