generated fromcloudwego/.github
- Notifications
You must be signed in to change notification settings - Fork2
License
NotificationsYou must be signed in to change notification settings
hertz-contrib/secure
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Secure middleware for hertz framework.
This repo is forked fromsecure and adapted for hertz.
go get github.com/hertz-contrib/secure
User passed in custom configuration items
funcNew(opts...Option) app.HandlerFunc
package mainimport ("context""github.com/cloudwego/hertz/pkg/app""github.com/cloudwego/hertz/pkg/app/server""github.com/hertz-contrib/secure")funcmain() {h:=server.Default(server.WithHostPorts("127.0.0.1:8080"),)h.Use(secure.New(secure.WithAllowedHosts([]string{"example.com","ssl.example.com"}),secure.WithSSLHost("ssl.example.com"),))h.GET("/ping",func(c context.Context,ctx*app.RequestContext) {ctx.String(200,"pong")})h.Spin()}
config:options{sslRedirect:true,isDevelopment:false,stsSeconds:315360000,frameDeny:true,contentTypeNosniff:true,browserXssFilter:true,contentSecurityPolicy:"default-src 'self'",ieNoOpen:true,sslProxyHeaders:map[string]string{"X-Forwarded-Proto":"https"}, },
| options | Parameters | value | Description |
|---|---|---|---|
| WithSSLRedirect | bool | true | IfWithSSLRedirect is set to true, then only allow https requests |
| WithIsDevelopment | bool | false | When true, the whole security policy applied by the middleware is disabled completely. |
| WithSTSSecond | int64 | 315360000 | Default is 315360000, which would NOT include the header. |
| WithSTSIncludeSubdomains | bool | false | IfWithSTSIncludeSubdomains is set to true, theincludeSubdomains will be appended to the Strict-Transport-Security header. Default is false. |
| WithFrameDeny | bool | false | IfWithFrameDeny is set to true, adds the X-Frame-Options header with the value ofDENY. Default is false |
| WithContentTypeNosniff | bool | false | IfWithContentTypeNosniff is true, adds the X-Content-Type-Options header with the valuenosniff. Default is false. |
| WithBrowserXssFilter | bool | false | IfWithBrowserXssFilter is true, adds the X-XSS-Protection header with the value1; mode=block. Default is false. |
| WithContentSecurityPolicy | []string | "" | WithContentSecurityPolicy allows the Content-Security-Policy header value to be set with a custom value. Default is "". |
| WithIENoOpen | bool | false | Prevent Internet Explorer from executing downloads in your site’s context |
| WithSSLProxyHeaders | map[string]string | "X-Forwarded-Proto": "https" | This is useful when your app is running behind a secure proxy that forwards requests to your app over http (such as on Heroku). |
| WithAllowedHosts | []string | nil | WithAllowedHosts is a list of fully qualified domain names that are allowed.Default is empty list, which allows any and all host names. |
| WithSSLTemporaryRedirect | bool | false | IfWithSSLTemporaryRedirect is true, the a 302 will be used while redirecting. Default is false (301). |
| WithSSLHost | string | "" | WithSSLHost is the host name that is used to redirect http requests to https. Default is "", which indicates to use the same host. |
| WithCustomFrameOptionsValue | string | nil | WithCustomFrameOptionsValue allows the X-Frame-Options header value to be set with a custom value. This overrides the FrameDeny option. |
| WithReferrerPolicy | string | nil | HTTP header "Referrer-Policy" governs which referrer information, sent in the Referrer header, should be included with requests made. |
| WithBadHostHandler | app.HandlerFunc | nil | Handlers for when an error occurs (ie bad host). |
| WithFeaturePolicy | string | nil | Feature Policy is a new header that allows a site to control which features and APIs can be used in the browser. |
| WithDontRedirectIPV4Hostnames | bool | false | IfWithDontRedirectIPV4Hostnames is true, requests to hostnames that are IPV4 addresses aren't redirected. This is to allow load balancer health checks to succeed. |
This project is under Apache License. See theLICENSE file for the full license text.
About
No description, website, or topics provided.
Resources
License
Uh oh!
There was an error while loading.Please reload this page.
Stars
Watchers
Forks
Releases
No releases published
Packages0
No packages published
Uh oh!
There was an error while loading.Please reload this page.
Contributors2
Uh oh!
There was an error while loading.Please reload this page.