security_headers

package
v0.0.0-...-35a4376 Latest
Warning

This package is not in the latest version of its module.

Published: Jan 6, 2024 License: MIT Imports: 4 Imported by: 0

Documentation


Constants

const (
	// ReferrerNoReferrer omits referrer information entirely.
	// No referrer information is sent along with requests.
	ReferrerNoReferrer = "no-referrer"

	// ReferrerNoReferrerWhenDowngrade is the user agent's default behavior if no policy is specified.
	// The full URL is sent as referrer to destinations that are at least as secure (HTTPS->HTTPS),
	// but no referrer is sent to a less secure destination (HTTPS->HTTP).
	ReferrerNoReferrerWhenDowngrade = "no-referrer-when-downgrade"

	// ReferrerOrigin only sends the origin of the document as the referrer in all cases.
	// The document https://example.com/page.html will send the referrer https://example.com/.
	ReferrerOrigin = "origin"

	// ReferrerOriginWhenCrossOrigin sends a full URL when performing a same-origin request,
	// but only sends the origin of the document for other cases.
	ReferrerOriginWhenCrossOrigin = "origin-when-cross-origin" //nolint:gosec // header

	// ReferrerSameOrigin sends a referrer for same-origin requests,
	// but cross-origin requests will contain no referrer information.
	ReferrerSameOrigin = "same-origin"

	// ReferrerStrictOrigin only sends the origin of the document as the referrer to destinations that are
	// at least as secure (HTTPS->HTTPS), but won't send it to a less secure destination (HTTPS->HTTP).
	ReferrerStrictOrigin = "strict-origin"

	// ReferrerStrictOriginWhenCrossOrigin sends a full URL when performing a same-origin request,
	// only sends the origin of the document to cross-origin destinations that are at least as secure (HTTPS->HTTPS),
	// and sends no header to a less secure destination (HTTPS->HTTP).
	ReferrerStrictOriginWhenCrossOrigin = "strict-origin-when-cross-origin"

	// ReferrerUnsafeURL sends a full URL when performing a same-origin or cross-origin request.
	// NOTE: This policy will leak origins and paths from TLS-protected resources to insecure origins.
	// Carefully consider the impact of this setting.
	ReferrerUnsafeURL = "unsafe-url"

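	// StrictTransportSecurityDefault tells browsers to use HTTPS only for this host
	// for one year (31536000 seconds).
	StrictTransportSecurityDefault = "max-age=31536000"

	// XContentTypeOptionsDefault disables MIME type sniffing of responses.
	XContentTypeOptionsDefault = "nosniff"

	// XFrameOptionsDeny forbids rendering the page in any frame.
	XFrameOptionsDeny = "DENY"

	// XFrameOptionsSameOrigin allows framing only by pages of the same origin.
	XFrameOptionsSameOrigin = "SAMEORIGIN"

	// XXSSProtectionDefault enables the legacy browser XSS filter and blocks the page
	// instead of sanitizing it when the filter triggers.
	XXSSProtectionDefault = "1; mode=block"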
)
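
The Referrer-Policy values documented above, worked through as an added example (not part of this package): it models which `Referer` value each policy produces for a given source and destination, so the leak from `unsafe-url` can be compared with the stricter policies. `RefererFor` and `choose` are hypothetical helpers, and the URLs are constructed samples.

```go
package main

import (
	"fmt"
	"net/url"
)

func choose(cond bool, a, b string) string {
	if cond {
		return a
	}
	return b
}

// RefererFor models the Referer sent from document `from` to `to` under a policy ("" = header
// omitted). Simplified: a downgrade is https -> non-https, and hosts are compared textually.
func RefererFor(policy, from, to string) string {
	src, err1 := url.Parse(from)
	dst, err2 := url.Parse(to)
	if err1 != nil || err2 != nil {
		return ""
	}
	same := src.Scheme == dst.Scheme && src.Host == dst.Host
	down := src.Scheme == "https" && dst.Scheme != "https"
	stripped := *src // the full-URL form drops credentials and fragment
	stripped.User, stripped.Fragment = nil, ""
	full, org := stripped.String(), src.Scheme+"://"+src.Host+"/"
	switch policy {
	case "unsafe-url":
		return full
	case "origin":
		return org
	case "same-origin":
		return choose(same, full, "")
	case "origin-when-cross-origin":
		return choose(same, full, org)
	case "no-referrer-when-downgrade":
		return choose(down, "", full)
	case "strict-origin":
		return choose(down, "", org)
	case "strict-origin-when-cross-origin":
		return choose(same, full, choose(down, "", org))
	}
	return "" // no-referrer; unknown values also send nothing in this sketch
}

func main() {
	fmt.Println(RefererFor("unsafe-url", "https://example.com/page.html?token=abc#top", "http://other.example/"))
}
```

With `unsafe-url` the path and query string of an HTTPS page reach a plain-HTTP destination, while `strict-origin-when-cross-origin` sends nothing in the same case.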

Variables

This section is empty.

Functions

func Middleware

func Middleware(config ...*Config) router.Middleware

Types

type Config

type Config struct {
	ContentSecurityPolicy   string
	ReferrerPolicy          string
	StrictTransportSecurity string
	XContentTypeOptions     string
	XFrameOptions           string
	XXSSProtection          string
}

func NewDefaultConfig

func NewDefaultConfig() *Config
