helmet-core
| Crates.io | helmet-core |
| lib.rs | helmet-core |
| version | 0.1.0 |
| source | src |
| created_at | 2024-01-05 20:31:03.7362 |
| updated_at | 2024-01-05 20:31:03.7362 |
| description | HTTP security headers middleware core for various web frameworks |
| homepage | https://github.com/danielkov/ntex-helmet |
| repository | https://github.com/danielkov/ntex-helmet |
| max_upload_size | |
| id | 1090419 |
| size | 61,452 |
Daniel Emod Kovacs (danielkov)
documentation
README
helmet-core - Security Middleware for popular Rust web frameworks
ntex-helmetis a security middleware for thentexweb framework.actix-web-helmetis a security middleware for theactix-webweb framework. Coming Soonrocket-helmetis a security middleware for therocketweb framework. Coming Soonwarp-helmetis a security middleware for thewarpweb framework. Coming Soonaxum-helmetis a security middleware for theaxumweb framework.
It works by setting HTTP headers for you. These headers can help protect your app from some well-known web vulnerabilities:
- Cross-Origin-Embedder-Policy
- Cross-Origin-Opener-Policy
- Cross-Origin-Resource-Policy
- Origin-Agent-Cluster
- Referrer-Policy
- Strict-Transport-Security
- X-Content-Type-Options
- X-DNS-Prefetch-Control
- X-Download-Options
- X-Frame-Options
- X-Permitted-Cross-Domain-Policies
- X-XSS-Protection
- X-Powered-By
- Content-Security-Policy
Usage
Add this to your Cargo.toml:
[dependencies]
helmet-core = "0.1"
Implementing the middleware is different for each framework. See the README for your framework of choice to see how to use it.
Example
use helmet_core::Helmet;
let helmet = Helmet::default();
struct MyCustomFrameworkMiddleware(Helmet);
// Imagine this is a middleware for your favorite framework
impl<S, B> Middleware<S, B> for MyCustomFrameworkMiddleware {
fn start(&self, req: &mut Request<S>) -> Result<Started> {
self.0.headers.iter().for_each(|(k, v)| {
req.headers_mut().insert(k, v.clone());
});
Ok(Started::Done)
}
}
License
This project is licensed under the MIT license.