Documentation
¶
Index ¶
- Constants
- Variables
- type ConfigError
- type ContentSecurityPolicyConfig
- type Directive
- func NewBaseUri(sources ...Source) Directive
- func NewConnectSrc(sources ...Source) Directive
- func NewDefaultSrc(sources ...Source) Directive
- func NewFontSrc(sources ...Source) Directive
- func NewFormAction(sources ...Source) Directive
- func NewFrameAncestors(sources ...Source) Directive
- func NewFrameSrc(sources ...Source) Directive
- func NewGenericSourceDirective(name string, sources ...Source) (d Directive)
- func NewImgSrc(sources ...Source) Directive
- func NewManifestSrc(sources ...Source) Directive
- func NewMediaSrc(sources ...Source) Directive
- func NewObjectSrc(sources ...Source) Directive
- func NewPrefetchSrc(sources ...Source) Directive
- func NewReportTo(groupName string) Directive
- func NewReportUri(uri string) Directive
- func NewSandbox(values ...SandboxValue) Directive
- func NewScriptSrc(sources ...Source) Directive
- func NewScriptSrcAttr(sources ...Source) Directive
- func NewScriptSrcElem(sources ...Source) Directive
- func NewStyleSrc(sources ...Source) Directive
- func NewStyleSrcAttr(sources ...Source) Directive
- func NewStyleSrcElem(sources ...Source) Directive
- func NewUpgradeInsecureRequests() Directive
- func NewWorkerSrc(sources ...Source) Directive
- type HashSource
- type HostSource
- type KeywordSource
- type ModifyPolicyFn
- type NonceSource
- type PageContextContentSecurity
- type Policy
- type PolicyHandler
- func (h *PolicyHandler) ApplyHeaders(w http.ResponseWriter, r *http.Request)
- func (h *PolicyHandler) FinalizeRequest(w http.ResponseWriter, r *http.Request)
- func (h *PolicyHandler) GetRequestNonce(tag string, r *http.Request) (nonce string, modified *http.Request)
- func (h *PolicyHandler) GetRequestNonceData(r *http.Request) (data *RequestNonceData, modified *http.Request)
- func (h *PolicyHandler) GetRequestPolicy(r *http.Request) (policy Policy)
- func (h *PolicyHandler) ModifyPolicyMiddleware(fn ModifyPolicyFn) (mw func(next http.Handler) http.Handler)
- func (h *PolicyHandler) NewReportNonce() (nonce string)
- func (h *PolicyHandler) PreparePageContext(config ContentSecurityPolicyConfig, ctx beContext.Context, r *http.Request) (pccs *PageContextContentSecurity, modified *http.Request)
- func (h *PolicyHandler) PrepareRequestMiddleware(next http.Handler) http.Handler
- func (h *PolicyHandler) PruneReportNonces()
- func (h *PolicyHandler) SetRequestPolicy(r *http.Request, policy Policy) (modified *http.Request)
- func (h *PolicyHandler) ValidateReportNonce(nonce string) (valid bool)
- type RequestNonceData
- type SandboxValue
- type SchemeSource
- type Source
- type SourceDirective
- type Sources
- func (s Sources) Append(sources ...Source) (modified Sources)
- func (s Sources) Collapse() (collapsed Sources)
- func (s Sources) FilterAllowedKeywords(allowed ...KeywordSource) (filtered Sources)
- func (s Sources) FilterAllowedTypes(allowed ...string) (filtered Sources)
- func (s Sources) FilterUnsafeInline() (filtered Sources)
- func (s Sources) Sort() (sorted Sources)
Constants ¶
View Source
const ( PolicyTag beContext.RequestKey = "content-security-policy" ReportNonceTag beContext.RequestKey = "content-security-policy-report-nonce" RequestNonceDataTag beContext.RequestKey = "content-security-policy-request-nonce-data" )
View Source
const ( RequestDefaultSrcNonceTag string = "default-src" RequestConnectSrcNonceTag string = "connect-src" RequestFontSrcNonceTag string = "font-src" RequestFrameSrcNonceTag string = "frame-src" RequestImgSrcNonceTag string = "img-src" RequestManifestSrcNonceTag string = "manifest-src" RequestMediaSrcNonceTag string = "media-src" RequestObjectSrcNonceTag string = "object-src" RequestPrefetchSrcNonceTag string = "prefetch-src" RequestScriptSrcNonceTag string = "script-src" RequestScriptSrcElemNonceTag string = "script-src-elem" RequestScriptSrcAttrNonceTag string = "script-src-attr" RequestStyleSrcNonceTag string = "style-src" RequestStyleSrcElemNonceTag string = "style-src-elem" RequestStyleSrcAttrNonceTag string = "style-src-attr" RequestWorkerSrcNonceTag string = "worker-src" RequestBaseUriNonceTag string = "base-uri" RequestFormActionNonceTag string = "form-action" RequestFrameAncestorsNonceTag string = "frame-ancestors" )
View Source
const HashSourceType string = "hash-source"
View Source
const HostSourceType string = "host-source"
View Source
const KeywordSourceType string = "keyword-source"
View Source
const NonceSourceType string = "nonce-source"
View Source
const SchemeSourceType string = "scheme-source"
Variables ¶
View Source
var (
DefaultReportPathPrefix = "/_/csp-violation"
)
Functions ¶
This section is empty.
Types ¶
type ConfigError ¶
type ConfigError []string
func (ConfigError) Error ¶
func (c ConfigError) Error() (msg string)
type ContentSecurityPolicyConfig ¶
type ContentSecurityPolicyConfig struct {
GenericSourceDirective Sources
DefaultSrc Sources
ConnectSrc Sources
FontSrc Sources
FrameSrc Sources
ImgSrc Sources
ManifestSrc Sources
MediaSrc Sources
ObjectSrc Sources
PrefetchSrc Sources
ScriptSrc Sources
ScriptSrcElem Sources
ScriptSrcAttr Sources
StyleSrc Sources
StyleSrcElem Sources
StyleSrcAttr Sources
WorkerSrc Sources
BaseUri Sources
FormAction Sources
FrameAncestors Sources
}
func ParseContentSecurityPolicyConfig ¶
func ParseContentSecurityPolicyConfig(ctx map[string]interface{}) (cspc ContentSecurityPolicyConfig, err error)
func (ContentSecurityPolicyConfig) Apply ¶
func (c ContentSecurityPolicyConfig) Apply(policy Policy) (modified Policy)
type Directive ¶
func NewBaseUri ¶
func NewConnectSrc ¶
func NewDefaultSrc ¶
func NewFontSrc ¶
func NewFormAction ¶
func NewFrameAncestors ¶
func NewFrameSrc ¶
func NewManifestSrc ¶
func NewMediaSrc ¶
func NewObjectSrc ¶
func NewPrefetchSrc ¶
func NewReportTo ¶
func NewReportUri ¶
func NewSandbox ¶
func NewSandbox(values ...SandboxValue) Directive
func NewScriptSrc ¶
func NewScriptSrcAttr ¶
func NewScriptSrcElem ¶
func NewStyleSrc ¶
func NewStyleSrcAttr ¶
func NewStyleSrcElem ¶
func NewUpgradeInsecureRequests ¶
func NewUpgradeInsecureRequests() Directive
func NewWorkerSrc ¶
type HashSource ¶
type HashSource struct {
// contains filtered or unexported fields
}
func NewHashSource ¶
func NewHashSource(algo, hash string) (value HashSource)
func ParseHashSource ¶
func ParseHashSource(input string) (s HashSource, ok bool)
func (HashSource) SourceType ¶
func (s HashSource) SourceType() string
func (HashSource) Value ¶
func (s HashSource) Value() (value string)
type HostSource ¶
type HostSource struct {
// contains filtered or unexported fields
}
func NewHostSource ¶
func NewHostSource(value string) (v HostSource)
func ParseHostSource ¶
func ParseHostSource(input string) (s HostSource, ok bool)
func (HostSource) SourceType ¶
func (s HostSource) SourceType() string
func (HostSource) Value ¶
func (s HostSource) Value() (value string)
type KeywordSource ¶
type KeywordSource string
const ( None KeywordSource = `none` Self KeywordSource = `self` UnsafeEval KeywordSource = `unsafe-eval` UnsafeHashes KeywordSource = `unsafe-hashes` UnsafeInline KeywordSource = `unsafe-inline` RequireSample KeywordSource = `require-sample` StrictDynamic KeywordSource = `strict-dynamic` WasmUnsafeEval KeywordSource = `wasm-unsafe-eval` )
func ParseKeywordSource ¶
func ParseKeywordSource(input string) (s KeywordSource, ok bool)
func (KeywordSource) SourceType ¶
func (s KeywordSource) SourceType() string
func (KeywordSource) Value ¶
func (s KeywordSource) Value() (value string)
type NonceSource ¶
type NonceSource string
func NewNonceSource ¶
func NewNonceSource(nonce string) (value NonceSource)
func ParseNonceSource ¶
func ParseNonceSource(input string) (s NonceSource, ok bool)
func (NonceSource) SourceType ¶
func (s NonceSource) SourceType() string
func (NonceSource) Value ¶
func (s NonceSource) Value() (value string)
type Policy ¶
type Policy interface {
// Set overwrites any existing version of the same directives (chainable)
Set(d Directive) Policy
// Add appends the given directive (chainable)
Add(d Directive) Policy
// Value returns a string suitable for use in HTTP header responses
Value() string
// Find returns all directive instances of named type
Find(name string) (found []Directive)
// None returns true if Empty or there is only the None source present in the named directive
None(name string) (none bool)
// Empty returns true if there are no directives present
Empty() (empty bool)
// Unsafe returns true if any "unsafe" sources are present in the named directive
Unsafe(name string) (unsafe bool)
// Collapse reduces directives of the same type and places default-src first, returns a new Policy
Collapse() Policy
// Directives returns the list of directives present
Directives() (directives []Directive)
}
func DefaultContentSecurityPolicy ¶
func DefaultContentSecurityPolicy() Policy
func StrictContentSecurityPolicy ¶
func StrictContentSecurityPolicy() Policy
type PolicyHandler ¶
func NewPolicyHandler ¶
func NewPolicyHandler() (h *PolicyHandler)
func (*PolicyHandler) ApplyHeaders ¶
func (h *PolicyHandler) ApplyHeaders(w http.ResponseWriter, r *http.Request)
func (*PolicyHandler) FinalizeRequest ¶
func (h *PolicyHandler) FinalizeRequest(w http.ResponseWriter, r *http.Request)
func (*PolicyHandler) GetRequestNonce ¶
func (*PolicyHandler) GetRequestNonceData ¶
func (h *PolicyHandler) GetRequestNonceData(r *http.Request) (data *RequestNonceData, modified *http.Request)
func (*PolicyHandler) GetRequestPolicy ¶
func (h *PolicyHandler) GetRequestPolicy(r *http.Request) (policy Policy)
func (*PolicyHandler) ModifyPolicyMiddleware ¶
func (h *PolicyHandler) ModifyPolicyMiddleware(fn ModifyPolicyFn) (mw func(next http.Handler) http.Handler)
func (*PolicyHandler) NewReportNonce ¶
func (h *PolicyHandler) NewReportNonce() (nonce string)
func (*PolicyHandler) PreparePageContext ¶
func (h *PolicyHandler) PreparePageContext(config ContentSecurityPolicyConfig, ctx beContext.Context, r *http.Request) (pccs *PageContextContentSecurity, modified *http.Request)
func (*PolicyHandler) PrepareRequestMiddleware ¶
func (h *PolicyHandler) PrepareRequestMiddleware(next http.Handler) http.Handler
func (*PolicyHandler) PruneReportNonces ¶
func (h *PolicyHandler) PruneReportNonces()
func (*PolicyHandler) SetRequestPolicy ¶
func (*PolicyHandler) ValidateReportNonce ¶
func (h *PolicyHandler) ValidateReportNonce(nonce string) (valid bool)
type RequestNonceData ¶
type SandboxValue ¶
type SandboxValue string
const ( AllowDownloads SandboxValue = "allow-downloads" AllowDownloadsWithoutUserActivation SandboxValue = "allow-downloads-without-user-activation" AllowForms SandboxValue = "allow-forms" AllowModals SandboxValue = "allow-modals" AllowOrientationLock SandboxValue = "allow-orientation-lock" AllowPointerLock SandboxValue = "allow-pointer-lock" AllowPopups SandboxValue = "allow-popups" AllowPopupsToEscapeSandbox SandboxValue = "allow-popups-to-escape-sandbox" AllowPresentation SandboxValue = "allow-presentation" AllowSameOrigin SandboxValue = "allow-same-origin" AllowScripts SandboxValue = "allow-scripts" AllowStorageAccessByUserActivation SandboxValue = "allow-storage-access-by-user-activation" )
type SchemeSource ¶
type SchemeSource string
func NewSchemeSource ¶
func NewSchemeSource(value string) (v SchemeSource)
func ParseSchemeSource ¶
func ParseSchemeSource(input string) (s SchemeSource, ok bool)
func (SchemeSource) SourceType ¶
func (s SchemeSource) SourceType() string
func (SchemeSource) Value ¶
func (s SchemeSource) Value() (value string)
type Source ¶
func ParseSource ¶
type SourceDirective ¶
type Sources ¶
type Sources []Source
func (Sources) FilterAllowedKeywords ¶
func (s Sources) FilterAllowedKeywords(allowed ...KeywordSource) (filtered Sources)
func (Sources) FilterAllowedTypes ¶
func (Sources) FilterUnsafeInline ¶
Source Files
Click to show internal directories.
Click to hide internal directories.