Skip to content
/ safefront Public

πŸ›‘οΈ A front-end web security toolkit with password strength checker, URL inspector, HTTP security headers audit, and XSS sanitizer demo. Built with React + Vite, deployed on Vercel.

safefront-eight.vercel.app

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jbloch100/safefront

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

4 Commits
api
api
Β 
Β 
public
public
Β 
Β 
server
server
Β 
Β 
src
src
Β 
Β 
.gitignore
.gitignore
Β 
Β 
LICENSE
LICENSE
Β 
Β 
README.md
README.md
Β 
Β 
index.html
index.html
Β 
Β 
package-lock.json
package-lock.json
Β 
Β 
package.json
package.json
Β 
Β 
vite.config.js
vite.config.js
Β 
Β 

Repository files navigation

SafeFront

Live React Vite Vercel Security

SafeFront is a front‑end web security toolkit built with React + Vite.
It includes a password strength tool, a suspicious URL inspector, a security headers audit (via API), and an XSS sanitization demo using DOMPurify.

πŸ”— Live Demo: https://safefront-eight.vercel.app/

✨ Features

  • Password Strength Checker – entropy/length/character classes
  • URL Inspector – flags punycode, IP hosts, suspicious TLDs, many subdomains, and non‑HTTPS
  • Security Headers Audit – backend fetch to site and reports CSP, HSTS, XFO, X‑CTO, Referrer‑Policy, Permissions‑Policy
  • Sanitizer Demo – shows how DOMPurify prevents XSS
  • Clean UI – responsive, lightweight

πŸ›  Tech Stack

  • Frontend: React, Vite, CSS
  • Security: DOMPurify
  • API: Serverless endpoint on Vercel (/api/headers)
  • Hosting: Vercel

πŸ“‚ Structure

safefront/
β”œβ”€ api/                 # Vercel serverless functions
β”‚  └─ headers.js        # GET /api/headers?url=...
β”œβ”€ server/              # Local dev Express server (optional)
β”‚  └─ index.js
β”œβ”€ src/
β”‚  β”œβ”€ components/       # UI widgets
β”‚  β”œβ”€ sections/         # Tools pages
β”‚  β”œβ”€ App.jsx
β”‚  β”œβ”€ main.jsx
β”‚  └─ index.css
β”œβ”€ package.json
β”œβ”€ vite.config.js
└─ index.html

πŸ”§ Local Setup

npm install
npm run dev:api   # starts local API (optional for dev)
npm run dev       # starts Vite (http://localhost:5173)

Vite proxies /api to http://localhost:5174 during dev (see vite.config.js).

🌐 Deployment

Deployed on Vercel (zero config):

  • Build: npm run build
  • Output: dist
  • API: api/headers.js β†’ /api/headers

Live: https://safefront-eight.vercel.app/

πŸ”Ž API: Security Headers Audit

Endpoint

GET /api/headers?url=https://example.com

Response

{
  "ok": true,
  "url": "https://example.com/",
  "status": 200,
  "headers": { "content-security-policy": "...", "strict-transport-security": "..." },
  "audit": {
    "hsts": true,
    "csp": true,
    "xFrameOptions": true,
    "xContentTypeOptions": true,
    "referrerPolicy": true,
    "permissionsPolicy": false,
    "httpsRedirectLikely": true
  }
}

πŸ“Έ Screenshots

Mobile View

SafeFront - Mobile

Desktop View

SafeFront - Desktop

πŸ§ͺ Troubleshooting

  • react/jsx-runtime not found β†’ ensure react and react-dom are installed (18.x) and @vitejs/plugin-react is enabled in vite.config.js.
  • 404 on /api/headers in prod β†’ file must be at repo root: api/headers.js.
  • CORS locally β†’ use npm run dev:api + Vite proxy (already set).

🏷 GitHub Topics

react vite javascript security web-security http-headers xss dompurify vercel

πŸ“„ License

MIT β€” see LICENSE.

About

πŸ›‘οΈ A front-end web security toolkit with password strength checker, URL inspector, HTTP security headers audit, and XSS sanitizer demo. Built with React + Vite, deployed on Vercel.

safefront-eight.vercel.app

Topics

react javascript security xss password-strength web-security dompurify http-headers vite vercel

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages