securitymw

package
v0.0.0-...-83625b3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 16, 2018 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	MiddlewareDependencyCSRF    = "*securitymw.CSRFMiddleware"
	MiddlewareDependencyCSRFGet = "*securitymw.CSRFGetMiddleware"
)
View Source 
const MIDDLEWARE_DEPENDENCY_RESTRICTADDRESS = "*securitymw.RestrictAddressMiddleware"
View Source 
const MiddlewareDependencyHSTS = "*securitymw.HSTSMiddleware"

Variables

This section is empty.

Functions

func GetCSRFToken 

func GetCSRFToken(r *http.Request) string

GetCSRFToken returns the CSRF token for the current session.

If the token is not exists, the function generates one and places it inside the session.

func LengthLimitMiddleware 

func LengthLimitMiddleware(limit int64) func(http.Handler) http.Handler

LengthLimitMiddleware limits the request body's length.

Types

type AdminKeyMiddleware 

type AdminKeyMiddleware string

func (AdminKeyMiddleware) Dependencies 

func (key AdminKeyMiddleware) Dependencies() []string

func (AdminKeyMiddleware) Wrap 

func (key AdminKeyMiddleware) Wrap(next http.Handler) http.Handler

type CSRFGetMiddleware 

type CSRFGetMiddleware struct {
	// contains filtered or unexported fields
}

CSRFGetMiddleware checks the CSRF token in the urlParam URL parameter.

This is useful if you want CSRF protection in a GET request. For example, this middleware is used on the auth service's login/logout endpoints. Adding this to the server is discouraged. The middlware should be used only on the individual handlers.

func NewCSRFGetMiddleware 

func NewCSRFGetMiddleware(urlParam string) *CSRFGetMiddleware

func (*CSRFGetMiddleware) Dependencies 

func (c *CSRFGetMiddleware) Dependencies() []string

func (*CSRFGetMiddleware) Wrap 

func (c *CSRFGetMiddleware) Wrap(next http.Handler) http.Handler

type CSRFMiddleware 

type CSRFMiddleware struct{}

CSRFMiddleware enforces the correct X-CSRF-Token header on all POST, PUT, DELETE, PATCH requests.

To obtain a token, use CSRFTokenHandler on a path.

func NewCSRFMiddleware 

func NewCSRFMiddleware() *CSRFMiddleware

func (*CSRFMiddleware) Dependencies 

func (c *CSRFMiddleware) Dependencies() []string

func (*CSRFMiddleware) Wrap 

func (c *CSRFMiddleware) Wrap(next http.Handler) http.Handler

type HSTSMiddleware 

type HSTSMiddleware struct {
	MaxAge            time.Duration
	IncludeSubDomains bool

	middleware.NoDependencies
}

HSTSMiddleware adds HTTP Strict Transport Security headers to the responses.

func (*HSTSMiddleware) String 

func (h *HSTSMiddleware) String() string

func (*HSTSMiddleware) Wrap 

func (h *HSTSMiddleware) Wrap(next http.Handler) http.Handler

type RestrictAddressMiddleware 

type RestrictAddressMiddleware struct {
	middleware.NoDependencies
	// contains filtered or unexported fields
}

RestrictAddressMiddleware restricts access based on the IP address of the client.

Only IP addresses in the given CIDR address ranges will be allowed.

func NewRestrictAddressMiddleware 

func NewRestrictAddressMiddleware(addresses ...string) *RestrictAddressMiddleware

func NewRestrictPrivateAddressMiddleware 

func NewRestrictPrivateAddressMiddleware() *RestrictAddressMiddleware

func (*RestrictAddressMiddleware) Wrap 

func (m *RestrictAddressMiddleware) Wrap(next http.Handler) http.Handler

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.