helmet

package module
v2.2.26 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 14, 2023 License: MIT Imports: 2 Imported by: 64

README

Helmet

Release Discord Test Security Linter

Install
go get -u github.com/gofiber/fiber/v2
go get -u github.com/gofiber/helmet/v2
Example
package main

import (
  "github.com/gofiber/fiber/v2"
  "github.com/gofiber/helmet/v2"
)

func main() {
  app := fiber.New()

  app.Use(helmet.New())

  app.Get("/", func(c *fiber.Ctx) error {
    return c.SendString("Welcome!")
  })

  app.Listen(":3000")
}
Test
curl -I http://localhost:3000

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func New 

func New(config ...Config) fiber.Handler

New ...

Types

type Config 

type Config struct {
	// Filter defines a function to skip middleware.
	// Optional. Default: nil
	Filter func(*fiber.Ctx) bool
	// XSSProtection
	// Optional. Default value "0".
	XSSProtection string
	// ContentTypeNosniff
	// Optional. Default value "nosniff".
	ContentTypeNosniff string
	// XFrameOptions
	// Optional. Default value "SAMEORIGIN".
	// Possible values: "SAMEORIGIN", "DENY", "ALLOW-FROM uri"
	XFrameOptions string
	// HSTSMaxAge
	// Optional. Default value 0.
	HSTSMaxAge int
	// HSTSExcludeSubdomains
	// Optional. Default value false.
	HSTSExcludeSubdomains bool
	// ContentSecurityPolicy
	// Optional. Default value "".
	ContentSecurityPolicy string
	// CSPReportOnly
	// Optional. Default value false.
	CSPReportOnly bool
	// HSTSPreloadEnabled
	// Optional. Default value false.
	HSTSPreloadEnabled bool
	// ReferrerPolicy
	// Optional. Default value "no-referrer".
	ReferrerPolicy string
	// Permissions-Policy
	// Optional. Default value "".
	PermissionPolicy string
	// Cross-Origin-Embedder-Policy
	// Optional. Default value "require-corp".
	CrossOriginEmbedderPolicy string
	// Cross-Origin-Opener-Policy
	// Optional. Default value "same-origin".
	CrossOriginOpenerPolicy string
	// Cross-Origin-Resource-Policy
	// Optional. Default value "same-origin".
	CrossOriginResourcePolicy string
	// Origin-Agent-Cluster
	// Optional. Default value "?1".
	OriginAgentCluster string
	// X-DNS-Prefetch-Control
	// Optional. Default value "off".
	XDNSPrefetchControl string
	// X-Download-Options
	// Optional. Default value "noopen".
	XDownloadOptions string
	// X-Permitted-Cross-Domain-Policies
	// Optional. Default value "none".
	XPermittedCrossDomain string
}

Config ...

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.