Documentation ¶
Index ¶
- Constants
- Variables
- type ConfigError
- type ContentSecurityPolicyConfig
- type Directive
- func NewBaseUri(sources ...Source) Directive
- func NewConnectSrc(sources ...Source) Directive
- func NewDefaultSrc(sources ...Source) Directive
- func NewFontSrc(sources ...Source) Directive
- func NewFormAction(sources ...Source) Directive
- func NewFrameAncestors(sources ...Source) Directive
- func NewFrameSrc(sources ...Source) Directive
- func NewGenericSourceDirective(name string, sources ...Source) (d Directive)
- func NewImgSrc(sources ...Source) Directive
- func NewManifestSrc(sources ...Source) Directive
- func NewMediaSrc(sources ...Source) Directive
- func NewObjectSrc(sources ...Source) Directive
- func NewPrefetchSrc(sources ...Source) Directive
- func NewReportTo(groupName string) Directive
- func NewReportUri(uri string) Directive
- func NewSandbox(values ...SandboxValue) Directive
- func NewScriptSrc(sources ...Source) Directive
- func NewScriptSrcAttr(sources ...Source) Directive
- func NewScriptSrcElem(sources ...Source) Directive
- func NewStyleSrc(sources ...Source) Directive
- func NewStyleSrcAttr(sources ...Source) Directive
- func NewStyleSrcElem(sources ...Source) Directive
- func NewUpgradeInsecureRequests() Directive
- func NewWorkerSrc(sources ...Source) Directive
- type HashSource
- type HostSource
- type KeywordSource
- type ModifyPolicyFn
- type NonceSource
- type PageContextContentSecurity
- type Policy
- type PolicyHandler
- func (h *PolicyHandler) ApplyHeaders(w http.ResponseWriter, r *http.Request)
- func (h *PolicyHandler) FinalizeRequest(w http.ResponseWriter, r *http.Request)
- func (h *PolicyHandler) GetRequestNonce(tag string, r *http.Request) (nonce string, modified *http.Request)
- func (h *PolicyHandler) GetRequestNonceData(r *http.Request) (data *RequestNonceData, modified *http.Request)
- func (h *PolicyHandler) GetRequestPolicy(r *http.Request) (policy Policy)
- func (h *PolicyHandler) ModifyPolicyMiddleware(fn ModifyPolicyFn) (mw func(next http.Handler) http.Handler)
- func (h *PolicyHandler) NewReportNonce() (nonce string)
- func (h *PolicyHandler) PreparePageContext(config ContentSecurityPolicyConfig, ctx clContext.Context, r *http.Request) (pccs *PageContextContentSecurity, modified *http.Request)
- func (h *PolicyHandler) PrepareRequestMiddleware(next http.Handler) http.Handler
- func (h *PolicyHandler) PruneReportNonces()
- func (h *PolicyHandler) SetRequestPolicy(r *http.Request, policy Policy) (modified *http.Request)
- func (h *PolicyHandler) ValidateReportNonce(nonce string) (valid bool)
- type RequestNonceData
- type SandboxValue
- type SchemeSource
- type Source
- type SourceDirective
- type Sources
- func (s Sources) Append(sources ...Source) (modified Sources)
- func (s Sources) Collapse() (collapsed Sources)
- func (s Sources) FilterAllowedKeywords(allowed ...KeywordSource) (filtered Sources)
- func (s Sources) FilterAllowedTypes(allowed ...string) (filtered Sources)
- func (s Sources) FilterUnsafeInline() (filtered Sources)
- func (s Sources) Sort() (sorted Sources)
Constants ¶
View Source
const ( PolicyTag request.Key = "content-security-policy" ReportNonceTag request.Key = "content-security-policy-report-nonce" RequestNonceDataTag request.Key = "content-security-policy-request-nonce-data" )
View Source
const ( RequestDefaultSrcNonceTag string = "default-src" RequestConnectSrcNonceTag string = "connect-src" RequestFontSrcNonceTag string = "font-src" RequestFrameSrcNonceTag string = "frame-src" RequestImgSrcNonceTag string = "img-src" RequestManifestSrcNonceTag string = "manifest-src" RequestMediaSrcNonceTag string = "media-src" RequestObjectSrcNonceTag string = "object-src" RequestPrefetchSrcNonceTag string = "prefetch-src" RequestScriptSrcNonceTag string = "script-src" RequestScriptSrcElemNonceTag string = "script-src-elem" RequestScriptSrcAttrNonceTag string = "script-src-attr" RequestStyleSrcNonceTag string = "style-src" RequestStyleSrcElemNonceTag string = "style-src-elem" RequestStyleSrcAttrNonceTag string = "style-src-attr" RequestWorkerSrcNonceTag string = "worker-src" RequestBaseUriNonceTag string = "base-uri" RequestFormActionNonceTag string = "form-action" RequestFrameAncestorsNonceTag string = "frame-ancestors" )
View Source
const HashSourceType string = "hash-source"
View Source
const HostSourceType string = "host-source"
View Source
const KeywordSourceType string = "keyword-source"
View Source
const NonceSourceType string = "nonce-source"
View Source
const SchemeSourceType string = "scheme-source"
Variables ¶
View Source
var (
DefaultReportPathPrefix = "/_/csp-violation"
)
Functions ¶
This section is empty.
Types ¶
type ConfigError ¶
type ConfigError []string
func (ConfigError) Error ¶
func (c ConfigError) Error() (msg string)
type ContentSecurityPolicyConfig ¶
type ContentSecurityPolicyConfig struct { GenericSourceDirective Sources DefaultSrc Sources ConnectSrc Sources FontSrc Sources FrameSrc Sources ImgSrc Sources ManifestSrc Sources MediaSrc Sources ObjectSrc Sources PrefetchSrc Sources ScriptSrc Sources ScriptSrcElem Sources ScriptSrcAttr Sources StyleSrc Sources StyleSrcElem Sources StyleSrcAttr Sources WorkerSrc Sources BaseUri Sources FormAction Sources FrameAncestors Sources }
func ParseContentSecurityPolicyConfig ¶
func ParseContentSecurityPolicyConfig(ctx map[string]interface{}) (cspc ContentSecurityPolicyConfig, err error)
func (ContentSecurityPolicyConfig) Apply ¶
func (c ContentSecurityPolicyConfig) Apply(policy Policy) (modified Policy)
func (ContentSecurityPolicyConfig) Merge ¶ added in v0.5.1
func (c ContentSecurityPolicyConfig) Merge(other ContentSecurityPolicyConfig) (merged ContentSecurityPolicyConfig)
type Directive ¶
func NewBaseUri ¶
func NewConnectSrc ¶
func NewDefaultSrc ¶
func NewFontSrc ¶
func NewFormAction ¶
func NewFrameAncestors ¶
func NewFrameSrc ¶
func NewManifestSrc ¶
func NewMediaSrc ¶
func NewObjectSrc ¶
func NewPrefetchSrc ¶
func NewReportTo ¶
func NewReportUri ¶
func NewSandbox ¶
func NewSandbox(values ...SandboxValue) Directive
func NewScriptSrc ¶
func NewScriptSrcAttr ¶
func NewScriptSrcElem ¶
func NewStyleSrc ¶
func NewStyleSrcAttr ¶
func NewStyleSrcElem ¶
func NewUpgradeInsecureRequests ¶
func NewUpgradeInsecureRequests() Directive
func NewWorkerSrc ¶
type HashSource ¶
type HashSource struct {
// contains filtered or unexported fields
}
func NewHashSource ¶
func NewHashSource(algo, hash string) (value HashSource)
func ParseHashSource ¶
func ParseHashSource(input string) (s HashSource, ok bool)
func (HashSource) SourceType ¶
func (s HashSource) SourceType() string
func (HashSource) Value ¶
func (s HashSource) Value() (value string)
type HostSource ¶
type HostSource struct {
// contains filtered or unexported fields
}
func NewHostSource ¶
func NewHostSource(value string) (v HostSource)
func ParseHostSource ¶
func ParseHostSource(input string) (s HostSource, ok bool)
func (HostSource) SourceType ¶
func (s HostSource) SourceType() string
func (HostSource) Value ¶
func (s HostSource) Value() (value string)
type KeywordSource ¶
type KeywordSource string
const ( None KeywordSource = `none` Self KeywordSource = `self` UnsafeEval KeywordSource = `unsafe-eval` UnsafeHashes KeywordSource = `unsafe-hashes` UnsafeInline KeywordSource = `unsafe-inline` RequireSample KeywordSource = `require-sample` StrictDynamic KeywordSource = `strict-dynamic` WasmUnsafeEval KeywordSource = `wasm-unsafe-eval` )
func ParseKeywordSource ¶
func ParseKeywordSource(input string) (s KeywordSource, ok bool)
func (KeywordSource) SourceType ¶
func (s KeywordSource) SourceType() string
func (KeywordSource) Value ¶
func (s KeywordSource) Value() (value string)
type NonceSource ¶
type NonceSource string
func NewNonceSource ¶
func NewNonceSource(nonce string) (value NonceSource)
func ParseNonceSource ¶
func ParseNonceSource(input string) (s NonceSource, ok bool)
func (NonceSource) SourceType ¶
func (s NonceSource) SourceType() string
func (NonceSource) Value ¶
func (s NonceSource) Value() (value string)
type Policy ¶
type Policy interface { // Set overwrites any existing version of the same directives (chainable) Set(d Directive) Policy // Add appends the given directive (chainable) Add(d Directive) Policy // Value returns a string suitable for use in HTTP header responses Value() string // Find returns all directive instances of named type Find(name string) (found []Directive) // None returns true if Empty or there is only the None source present in the named directive None(name string) (none bool) // Empty returns true if there are no directives present Empty() (empty bool) // Unsafe returns true if any "unsafe" sources are present in the named directive Unsafe(name string) (unsafe bool) // Collapse reduces directives of the same type and places default-src first, returns a new Policy Collapse() Policy // Directives returns the list of directives present Directives() (directives []Directive) }
func DefaultContentSecurityPolicy ¶
func DefaultContentSecurityPolicy() Policy
func StrictContentSecurityPolicy ¶
func StrictContentSecurityPolicy() Policy
type PolicyHandler ¶
func NewPolicyHandler ¶
func NewPolicyHandler() (h *PolicyHandler)
func (*PolicyHandler) ApplyHeaders ¶
func (h *PolicyHandler) ApplyHeaders(w http.ResponseWriter, r *http.Request)
func (*PolicyHandler) FinalizeRequest ¶
func (h *PolicyHandler) FinalizeRequest(w http.ResponseWriter, r *http.Request)
func (*PolicyHandler) GetRequestNonce ¶
func (*PolicyHandler) GetRequestNonceData ¶
func (h *PolicyHandler) GetRequestNonceData(r *http.Request) (data *RequestNonceData, modified *http.Request)
func (*PolicyHandler) GetRequestPolicy ¶
func (h *PolicyHandler) GetRequestPolicy(r *http.Request) (policy Policy)
func (*PolicyHandler) ModifyPolicyMiddleware ¶
func (h *PolicyHandler) ModifyPolicyMiddleware(fn ModifyPolicyFn) (mw func(next http.Handler) http.Handler)
func (*PolicyHandler) NewReportNonce ¶
func (h *PolicyHandler) NewReportNonce() (nonce string)
func (*PolicyHandler) PreparePageContext ¶
func (h *PolicyHandler) PreparePageContext(config ContentSecurityPolicyConfig, ctx clContext.Context, r *http.Request) (pccs *PageContextContentSecurity, modified *http.Request)
func (*PolicyHandler) PrepareRequestMiddleware ¶
func (h *PolicyHandler) PrepareRequestMiddleware(next http.Handler) http.Handler
func (*PolicyHandler) PruneReportNonces ¶
func (h *PolicyHandler) PruneReportNonces()
func (*PolicyHandler) SetRequestPolicy ¶
func (*PolicyHandler) ValidateReportNonce ¶
func (h *PolicyHandler) ValidateReportNonce(nonce string) (valid bool)
type RequestNonceData ¶
type SandboxValue ¶
type SandboxValue string
const ( AllowDownloads SandboxValue = "allow-downloads" AllowDownloadsWithoutUserActivation SandboxValue = "allow-downloads-without-user-activation" AllowForms SandboxValue = "allow-forms" AllowModals SandboxValue = "allow-modals" AllowOrientationLock SandboxValue = "allow-orientation-lock" AllowPointerLock SandboxValue = "allow-pointer-lock" AllowPopups SandboxValue = "allow-popups" AllowPopupsToEscapeSandbox SandboxValue = "allow-popups-to-escape-sandbox" AllowPresentation SandboxValue = "allow-presentation" AllowSameOrigin SandboxValue = "allow-same-origin" AllowScripts SandboxValue = "allow-scripts" AllowStorageAccessByUserActivation SandboxValue = "allow-storage-access-by-user-activation" )
type SchemeSource ¶
type SchemeSource string
func NewSchemeSource ¶
func NewSchemeSource(value string) (v SchemeSource)
func ParseSchemeSource ¶
func ParseSchemeSource(input string) (s SchemeSource, ok bool)
func (SchemeSource) SourceType ¶
func (s SchemeSource) SourceType() string
func (SchemeSource) Value ¶
func (s SchemeSource) Value() (value string)
type Source ¶
func ParseSource ¶
type SourceDirective ¶
type Sources ¶
type Sources []Source
func (Sources) FilterAllowedKeywords ¶
func (s Sources) FilterAllowedKeywords(allowed ...KeywordSource) (filtered Sources)
func (Sources) FilterAllowedTypes ¶
func (Sources) FilterUnsafeInline ¶
Click to show internal directories.
Click to hide internal directories.