MechaCat02 cd20ffb580 test(dashboard): add e2e cross-cutting security spec (B8) ...

Five tests covering platform-wide guarantees: expired-token
redirect, HttpOnly session cookie, bootstrap password not leaked
into the DOM after login, missing-app slug fails gracefully, and
an XSS-sink probe across the main authed routes.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-28 07:43:51 +02:00

3.4 KiB

Raw Blame History

View Raw