Reflection-Modell, security
Reflektiert Security-relevante Flows, Controller, Templates und Konfigurationen gegen OWASP- und Projektregeln.
route_security
routemethodauth_requiredroles_or_policiestenant_scopecsrf_requiredrate_limit
session_policy
cookie_namesecurehttp_onlysame_siteidle_timeout_minutesabsolute_timeout_minutesrotation_on_login
reauth_flow
trigger_conditionmethodmagic_code_ttl_minutespreserves_unsaved_datareturns_to_original_actionno_modal_dependency
transient_sensitive_state
flow_namesensitive_fieldsappears_in_query_stringappears_in_redirect_locationappears_in_refererappears_in_access_logstorage_mechanismserver_side_stateopaque_cookie_tokencookie_securecookie_http_onlycookie_same_sitedirect_cookie_payload_encryptedttl_secondsclear_on_success
output_context
templatevariablehtml_contextescaping_functionallows_html
upload_policy
field_nameallowed_extensionsallowed_mime_typesmax_size_bytesstorage_locationmalware_scan_policydownload_authorization
secret
namestoragerotation_policyexposed_to_clientlogged
security_header_set
cspframe_ancestorsreferrer_policycontent_type_optionshsts
audit_event
event_typeactor_idsubject_idtenant_idtimestampcorrelation_id
db_context_policy
context_namecontext_scopetransaction_requiredreset_policypersistent_worker_safeactor_sourceserver_authoritativeclient_override_allowed