Directories ¶
Path | Synopsis |
---|---|
Package collector provides a function for creating violation report handlers.
|
Package collector provides a function for creating violation report handlers. |
Package coop provides Cross-Origin-Opener-Policy protection.
|
Package coop provides Cross-Origin-Opener-Policy protection. |
Package cors provides a safehttp.Interceptor that handles CORS requests.
|
Package cors provides a safehttp.Interceptor that handles CORS requests. |
Package csp provides a safehttp.Interceptor which applies Content-Security Policies to responses.
|
Package csp provides a safehttp.Interceptor which applies Content-Security Policies to responses. |
internalunsafecsp
Package internalunsafecsp is used internally to override CSP.
|
Package internalunsafecsp is used internally to override CSP. |
internalunsafecsp/unsafecspfortests
Package unsafecspfortests can be used to disable CSP on specific handler registration in tests.
|
Package unsafecspfortests can be used to disable CSP on specific handler registration in tests. |
internalunsafecsp/unsafestrictcsp
Package unsafestrictcsp can be used to disable Strict CSP protections on specific handler registration.
|
Package unsafestrictcsp can be used to disable Strict CSP protections on specific handler registration. |
internalunsafecsp/unsafetrustedtypes
Package unsafetrustedtypes can be used to disable Trusted Types protections on specific handler registration.
|
Package unsafetrustedtypes can be used to disable Trusted Types protections on specific handler registration. |
Package fetchmetadata provides Fetch-Metadata based protections.
|
Package fetchmetadata provides Fetch-Metadata based protections. |
internalunsafefetchmetadata
Package internalunsafefetchmetadata is used internally to override FM policies.
|
Package internalunsafefetchmetadata is used internally to override FM policies. |
internalunsafefetchmetadata/unsafefetchmetadatafortests
Package unsafefetchmetadatafortests can be used to disable Fetch Metadata protections on specific handler registration in tests.
|
Package unsafefetchmetadatafortests can be used to disable Fetch Metadata protections on specific handler registration in tests. |
internalunsafefetchmetadata/unsaferesourcepolicy
Package unsaferesourcepolicy can be used to disable Fetch Metadata protections on specific handler registration.
|
Package unsaferesourcepolicy can be used to disable Fetch Metadata protections on specific handler registration. |
Package framing provides utilities to install a comprehensive framing protection.
|
Package framing provides utilities to install a comprehensive framing protection. |
internalunsafeframing
Package internalunsafeframing is used internally to override Framing protections.
|
Package internalunsafeframing is used internally to override Framing protections. |
internalunsafeframing/unsafeframing
Package unsafeframing can be used to disable Framing protections on specific handler registration.
|
Package unsafeframing can be used to disable Framing protections on specific handler registration. |
internalunsafeframing/unsafeframingfortests
Package unsafeframingfortests can be used to disable Framing protections on specific handler registration in tests.
|
Package unsafeframingfortests can be used to disable Framing protections on specific handler registration in tests. |
Package hostcheck provides a plugin that checks whether the request is intended to be sent to a given host.
|
Package hostcheck provides a plugin that checks whether the request is intended to be sent to a given host. |
Package hsts provides HTTP Strict Transport Security.
|
Package hsts provides HTTP Strict Transport Security. |
Package htmlinject provides utilities to pre-process HTML templates and inject additional parts into them before parsing.
|
Package htmlinject provides utilities to pre-process HTML templates and inject additional parts into them before parsing. |
Package reportingapi is an implementation of the Report-To header described in https://www.w3.org/TR/reporting/#header.
|
Package reportingapi is an implementation of the Report-To header described in https://www.w3.org/TR/reporting/#header. |
Package staticheaders provides a safehttp.Interceptor which sets security sensitive headers on every response.
|
Package staticheaders provides a safehttp.Interceptor which sets security sensitive headers on every response. |
Package xsrf contains helper functions for the safehttp.Interceptor that provide protection against Cross-Site Request Forgery attacks.
|
Package xsrf contains helper functions for the safehttp.Interceptor that provide protection against Cross-Site Request Forgery attacks. |
xsrfangular
Package xsrfangular provides a safehttp.Interceptor that ensures Cross-Site Request Forgery protection for Angular applications by verifying the incoming requests, rejecting those requests that are suspected to be part of an attack.
|
Package xsrfangular provides a safehttp.Interceptor that ensures Cross-Site Request Forgery protection for Angular applications by verifying the incoming requests, rejecting those requests that are suspected to be part of an attack. |
xsrfhtml
Package xsrfhtml provides a safehttp.Interceptor that ensures Cross-Site Request Forgery by verifying the incoming requests for the presence of an XSRF token, rejecting those requests that are suspected to be part of an attack.
|
Package xsrfhtml provides a safehttp.Interceptor that ensures Cross-Site Request Forgery by verifying the incoming requests for the presence of an XSRF token, rejecting those requests that are suspected to be part of an attack. |
Click to show internal directories.
Click to hide internal directories.