Documentation
¶
Overview ¶
Package fetchmetadata provides Fetch-Metadata based protections.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Policy ¶
type Policy struct {
ReportOnly bool
// contains filtered or unexported fields
}
Policy is a security policy based on Fetch Metadata.
See https://web.dev/fetch-metadata/ for more.
func FramingIsolationPolicy ¶
func FramingIsolationPolicy() *Policy
FramingIsolationPolicy protects from framing attacks.
func ResourceIsolationPolicy ¶
func ResourceIsolationPolicy() *Policy
ResourceIsolationPolicy protects resources.
See https://web.dev/fetch-metadata/ for more details.
func (*Policy) Before ¶
func (p *Policy) Before(w safehttp.ResponseWriter, r *safehttp.IncomingRequest, cfg safehttp.InterceptorConfig) safehttp.Result
Before implements the Fetch Metadata validation and signals logic.
func (*Policy) Commit ¶
func (p *Policy) Commit(w safehttp.ResponseHeadersWriter, r *safehttp.IncomingRequest, resp safehttp.Response, _ safehttp.InterceptorConfig)
Commit is a no-op, required to satisfy the safehttp.Interceptor interface.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Package internalunsafefetchmetadata is used internally to override FM policies.
|
Package internalunsafefetchmetadata is used internally to override FM policies. |
|
unsafefetchmetadatafortests
Package unsafefetchmetadatafortests can be used to disable Fetch Metadata protections on specific handler registration in tests.
|
Package unsafefetchmetadatafortests can be used to disable Fetch Metadata protections on specific handler registration in tests. |
|
unsaferesourcepolicy
Package unsaferesourcepolicy can be used to disable Fetch Metadata protections on specific handler registration.
|
Package unsaferesourcepolicy can be used to disable Fetch Metadata protections on specific handler registration. |
Click to show internal directories.
Click to hide internal directories.