conveyance

Conveyance

Provide security by proxying requests to legacy applications.

• When will a v1 be ready?
• How to get started?
• How to contribute?
• Is this project secure?
• License

When will a v1 be ready?

⚠️ Until a v1.*.* release is created, it is not recommended to use this tool in a production environment.

The following checklist of features is required before a v1 release will be created:

• ✅ Automated CI Pipeline
• ✅ Automated Release Process
• ✅ Automated SAST Pipeline
• ✅ Comprehensive Unit Test Coverage
• ✅ Docker Support
• ✅ Linux, macOS, and Windows Support
• ✅ Version Command
• ❌ Configuration to Selectively Disable or Configure Headers
• ❌ Dynamic Content Security Policy
• ❌ Integration Test Coverage
• ❌ TLS Support
• 🚧 Base Security Headers
• 🚧 Request Logging

How to get started?

Install

Run

conveyance serve --from=:3000 --to=https://example.com

or via Docker:

docker run -it dbtedman/conveyance serve --from=:3000 --to=https://example.com

Demo

curl http://localhost:3000 --head --header "Host: example.com"

You will see something like the following:

Headers not assigned by conveyance have been removed from this example.

HTTP/1.1 200 OK
Content-Security-Policy: default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'none'; form-action 'self';
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-Frame-Options: DENY

How to contribute?

Read our Contributing Guide to learn more about how to contribute to this project.

Is this project secure?

Read our Security Guide to learn how security is considered during the development and operation of this application.

License

See LICENSE.md for details.