armature-security
| Crates.io | armature-security |
| lib.rs | armature-security |
| version | 0.1.2 |
| created_at | 2025-12-27 01:41:23.745893+00 |
| updated_at | 2025-12-30 22:32:23.135943+00 |
| description | Security utilities and middleware for Armature |
| homepage | https://pegasusheavy.github.io/armature |
| repository | https://github.com/pegasusheavy/armature |
| max_upload_size | |
| id | 2006551 |
| size | 131,283 |
Joseph R. Quinn (quinnjr)
documentation
README
armature-security
Security utilities for the Armature framework.
Features
- CSRF Protection - Cross-site request forgery prevention
- XSS Prevention - Content sanitization
- CORS - Cross-origin resource sharing
- Security Headers - Best practice headers
- Input Sanitization - Clean user input
Installation
[dependencies]
armature-security = "0.1"
Quick Start
use armature_security::{CsrfMiddleware, CorsMiddleware, SecurityHeaders};
let app = Application::new()
.with_middleware(SecurityHeaders::default())
.with_middleware(CorsMiddleware::new().allow_origin("https://example.com"))
.with_middleware(CsrfMiddleware::new("secret"));
CSRF Protection
let csrf = CsrfMiddleware::new("secret")
.token_header("X-CSRF-Token")
.cookie_name("csrf_token");
CORS
let cors = CorsMiddleware::new()
.allow_origin("https://example.com")
.allow_methods(vec!["GET", "POST", "PUT", "DELETE"])
.allow_headers(vec!["Content-Type", "Authorization"])
.max_age(3600);
Security Headers
let headers = SecurityHeaders::new()
.content_security_policy("default-src 'self'")
.strict_transport_security(31536000)
.x_frame_options("DENY")
.x_content_type_options("nosniff");
License
MIT OR Apache-2.0