coop

package

v0.0.0-...-7bfb722 Latest Latest Go to latest Published: Dec 19, 2024 License: Apache-2.0 Imports: 1 Imported by: 2

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

Documentation ¶

Overview ¶

Package coop provides Cross-Origin-Opener-Policy protection. Specification: https://html.spec.whatwg.org/#cross-origin-opener-policies

Index ¶

type Interceptor
- func Default(reportGroup string) Interceptor
- func NewInterceptor(policies ...Policy) Interceptor
type Mode
type Overrider
- func Override(reason string, policies ...Policy) Overrider
type Policy
- func (p Policy) String() string

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Interceptor ¶

type Interceptor serializedPolicies

Interceptor is the interceptor for COOP.

func Default ¶

func Default(reportGroup string) Interceptor

Default returns a same-origin enforcing interceptor with the given (potentially empty) report group.

func NewInterceptor ¶

func NewInterceptor(policies ...Policy) Interceptor

NewInterceptor constructs an interceptor that applies the given policies.

func (Interceptor) Before ¶

func (it Interceptor) Before(w safehttp.ResponseWriter, r *safehttp.IncomingRequest, cfg safehttp.InterceptorConfig) safehttp.Result

Before claims and sets the Report-Only and Enforcement headers for COOP.

func (Interceptor) Commit ¶

func (it Interceptor) Commit(w safehttp.ResponseHeadersWriter, r *safehttp.IncomingRequest, resp safehttp.Response, _ safehttp.InterceptorConfig)

Commit is a no-op, required to satisfy the safehttp.Interceptor interface.

func (Interceptor) Match ¶

func (it Interceptor) Match(cfg safehttp.InterceptorConfig) bool

Match recognizes Overriders as COOP configurations.

type Mode ¶

type Mode string

Mode represents a COOP mode.

const (
	// SameOrigin is the strictest and safest COOP available: windows can keep a reference of windows they open only if they are same-origin.
	SameOrigin Mode = "same-origin"
	// SameOriginAllowPopups relaxes the same-origin COOP: windows on this origin that open other windows are allowed to keep a reference, but the opposite is not valid.
	SameOriginAllowPopups Mode = "same-origin-allow-popups"
	// UnsafeNone disables COOP: this is the default value in browsers.
	UnsafeNone Mode = "unsafe-none"
)

type Overrider ¶

type Overrider serializedPolicies

Overrider is a safehttp.InterceptorConfig that allows to override COOP for a specific handler.

func Override ¶

func Override(reason string, policies ...Policy) Overrider

Override creates an Overrider with the given policies.

type Policy ¶

type Policy struct {
	// Mode is the mode for the policy.
	Mode Mode
	// ReportingGroup is an optional reporting group that needs to be defined with the Reporting API.
	ReportingGroup string
	// ReportOnly makes the policy report-only if set.
	ReportOnly bool
}

Policy represents a Cross-Origin-Opener-Policy value.

func (Policy) String ¶

func (p Policy) String() string

String serializes the policy. The returned value can be used as a header value.

Source Files ¶

View all Source files

coop.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL