# Q-Blog — Security & Privacy Posture (1.0)

_Generated 2025-08-16 23:27Z_

## Principles

- **Least privilege** — Roles restrict actions; tokens scoped; client never authoritative.
- **Sanitize everywhere** — Rich text sanitized on save and render (allowlist).
- **Fail safe** — On doubt, deny writes; surface clear errors with next actions.
- **Minimal telemetry** — Only crash/quality signals; no PII; user-visible policy.
- **Defense in depth** — CSP, input validation, dependency hygiene, error boundaries.

## Non-Goals (1.0)

- End-to-end encryption for content.
- Fine-grained per-post ACLs (roles are per blog).

## Checklist (Dev)

- Inputs validated client-side; re-validated server-side.
- All writes include role checks and revision/ETag for concurrency.
- Sanitization unit tests cover common XSS vectors.
- Dependencies audited; pinned versions for determinism.
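
The write-path items above (per-blog role check, revision/ETag precondition, server-side re-validation, deny on doubt with a next action) can be combined in one guard. This is an added example, not Q-Blog's own code: `guardedUpdate`, `ROLE_ACTIONS`, the role and action names, the revision-derived ETag and the 200-character title limit are all assumptions.

```javascript
// Hypothetical per-blog role table (the posture says roles are per blog).
const ROLE_ACTIONS = new Map([
  ["owner", new Set(["post:create", "post:update", "post:delete"])],
  ["editor", new Set(["post:create", "post:update"])],
  ["viewer", new Set()],
]);

// Assumed ETag scheme: derived from the stored revision counter.
const etagFor = (post) => `"rev-${post.revision}"`;

// Every denial carries a clear error and a next action for the user.
function deny(status, error, nextAction) {
  return { ok: false, status, error, nextAction };
}

// session: server-side record of the caller. req: untrusted client input.
function guardedUpdate(session, blog, post, req) {
  // Role comes from server-side membership, never from the request,
  // so a client-supplied "role" field is simply ignored.
  const role = blog.members.get(session.userId);
  const allowed = ROLE_ACTIONS.get(role);
  if (!allowed || !allowed.has("post:update")) {
    return deny(403, "forbidden", "Ask a blog owner for edit access.");
  }
  // Fail safe: a write without a precondition is refused, not assumed current.
  if (typeof req.ifMatch !== "string" || req.ifMatch === "") {
    return deny(428, "precondition_required", "Reload the post and retry.");
  }
  if (req.ifMatch !== etagFor(post)) {
    return deny(412, "stale_revision", "Reload, merge your changes, and retry.");
  }
  // Server-side re-validation of input the client has already checked.
  const title = req.body && req.body.title;
  if (typeof title !== "string" || title.trim() === "" || title.length > 200) {
    return deny(422, "invalid_title", "Provide a title of 1-200 characters.");
  }
  const updated = { ...post, title: title.trim(), revision: post.revision + 1 };
  return { ok: true, status: 200, post: updated, etag: etagFor(updated) };
}
```
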