More Secure Nuxt Apps - by default

Automatically configure your app to follow OWASP security patterns and principles by using
HTTP Headers and Middleware.

Protect your app with
no configuration

Security response headers

Add security headers that will make your application more secure by default (including Content Security Policy (CSP) for SSG apps)

Request Size & Rate Limiters

Limit the amount of incoming requests and their size to protect your application against disruptions.

Cross Site Scripting (XSS) Validation

Validate GET & POST requests against malicious code sent in query or body.

Cross-Origin Resource Sharing (CORS) support

Permit from what origins (domain, scheme, or port) a browser can load resources

Allowed HTTP Methods

Reject requests that do not match allow list of HTTP methods

Cross Site Request Forgery (CSRF) protection

Protect against unwanted state change by unaware users

Discover how it helps ship
secure applications

Nuxt Security solves several security issues automatically by implementing Headers and Middleware accordingly to OWASP & OWASP Top 10 documents. For others, it provides optional middleware that will help you handle more advanced cases like Cross Site Request Forgery.