owasp-headers
| Crates.io | owasp-headers |
| lib.rs | owasp-headers |
| version | 0.1.2 |
| source | src |
| created_at | 2021-11-25 02:33:12.972422 |
| updated_at | 2021-11-26 00:51:35.619669 |
| description | best-practice OWASP HTTP response headers ( https://owasp.org/www-project-secure-headers/ ) for Rust |
| homepage | https://gitlab.com/jokeyrhyme/owasp-headers-rs |
| repository | https://gitlab.com/jokeyrhyme/owasp-headers-rs.git |
| max_upload_size | |
| id | 487383 |
| size | 10,491 |
Ron Waldon-Howe (jokeyrhyme)
documentation
README
owasp-headers-rs 
best-practice OWASP HTTP response headers ( https://owasp.org/www-project-secure-headers/ ) for Rust
headers
HTTP-Strict-Transport-Security = "max-age=31536000 ; includeSubDomains"
X-Frame-Options = "deny"
X-Content-Type-Options = "nosniff"
Content-Security-Policy = "default-src 'self'; object-src 'none'; child-src 'self'; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content"
X-Permitted-Cross-Domain-Policies = "none"
Referrer-Policy = "no-referrer"
Clear-Site-Data = "\"cache\",\"cookies\",\"storage\""
Cross-Origin-Embedder-Policy = "require-corp"
Cross-Origin-Opener-Policy = "same-origin"
Cross-Origin-Resource-Policy = "same-origin"
Permissions-Policy = "accelerometer=(),autoplay=(),camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),web-share=(),xr-spatial-tracking=()"
Cache-Control = "no-store, max-age=0"
Pragma = "no-cache"
see also
-
tower-default-headers: source code, crate