DefaultHeadersMiddleware
struct DefaultHeadersMiddleware
Default headers that can be configured to improve the security of your application. When developing a secure web application, it's crucial to set HTTP headers that enhance security by mitigating various types of attacks.
Example
use std.net.http.server.{
    middlewares.DefaultHeadersMiddleware,
    Router,
};

let default_headers = DefaultHeadersMiddleware.new();
// Setting a field to nil omits that header from responses.
default_headers.x_frame_options = nil;
let app = Router.new().with(default_headers);
The X-Frame-Options header is used to control whether a browser should be allowed to render a page in an <iframe>.
The X-XSS-Protection header is used to enable the Cross-Site Scripting (XSS) filter built into most browsers.
The X-Content-Type-Options header is used to prevent browsers from MIME type sniffing a response away from the declared content type.
The X-Download-Options header is used to prevent browsers from opening files directly when they are downloaded.
The X-Permitted-Cross-Domain-Policies header is used to control how Adobe Flash, Adobe Acrobat, and other web clients handle cross-domain policies.
The Referrer-Policy header controls how much referrer information should be included with requests.
new
pub fn new(): DefaultHeadersMiddleware
[src]
pub fn new(): DefaultHeadersMiddleware {
    return DefaultHeadersMiddleware {};
}
Creates a new DefaultHeadersMiddleware middleware.
[src]
pub fn transform(self, handler: Handler): Handler {
    return handler
        .around(|handler, request| {
            let response = try handler.handle(request);
            if (let x_frame_options = self.x_frame_options) {
                response.headers().append("X-Frame-Options", x_frame_options);
            }
            if (let x_xss_protection = self.x_xss_protection) {
                response.headers().append("X-XSS-Protection", x_xss_protection);
            }
            if (let x_content_type_options = self.x_content_type_options) {
                response.headers().append("X-Content-Type-Options", x_content_type_options);
            }
            if (let x_download_options = self.x_download_options) {
                response.headers().append("X-Download-Options", x_download_options);
            }
            if (let x_permitted_cross_domain_policies = self.x_permitted_cross_domain_policies) {
                response
                    .headers()
                    .append("X-Permitted-Cross-Domain-Policies", x_permitted_cross_domain_policies);
            }
            if (let referrer_policy = self.referrer_policy) {
                response.headers().append("Referrer-Policy", referrer_policy);
            }
            return response;
        });
}
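A response-side check for what transform does, as an added example that is not part of this page or the library it documents: it parses a raw response head and reports which of the six headers are missing, sent more than once (possible if a handler already set one and append adds a field rather than replacing it, which is an assumption from its name), or present although disabled. The function names, the sample response and its header values are constructed for illustration.

```python
from collections import Counter

# Header names taken from transform() on this page.
EXPECTED = ("X-Frame-Options", "X-XSS-Protection", "X-Content-Type-Options",
            "X-Download-Options", "X-Permitted-Cross-Domain-Policies",
            "Referrer-Policy")

def parse_headers(raw):
    """Return (name, value) pairs from a raw HTTP/1.1 response head, keeping repeats."""
    head = raw.split("\r\n\r\n", 1)[0]
    pairs = []
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip(), value.strip()))
    return pairs

def audit(raw, disabled=()):
    """Classify expected headers; `disabled` names those whose field was set to nil."""
    # Header field names are case-insensitive, so compare in lower case.
    counts = Counter(name.lower() for name, _ in parse_headers(raw))
    off = {h.lower() for h in disabled}
    report = {"missing": [], "duplicated": [], "unexpected": []}
    for header in EXPECTED:
        n = counts[header.lower()]
        if header.lower() in off:
            if n:
                report["unexpected"].append(header)
        elif n == 0:
            report["missing"].append(header)
        elif n > 1:
            report["duplicated"].append(header)
    return report

# Constructed sample (values are illustrative, not the middleware's defaults):
# X-Frame-Options disabled, X-Download-Options absent, Referrer-Policy sent twice.
SAMPLE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Referrer-Policy: no-referrer\r\n"
    "X-XSS-Protection: 0\r\n"
    "X-Content-Type-Options: nosniff\r\n"
    "X-Permitted-Cross-Domain-Policies: none\r\n"
    "referrer-policy: same-origin\r\n"
    "\r\n<html></html>"
)

if __name__ == "__main__":
    print(audit(SAMPLE, disabled=("X-Frame-Options",)))
```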