Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CSRFProtection ¶
func CSRFProtection() gin.HandlerFunc
CSRFProtection returns a Gin middleware that implements CSRF protection
func GenerateCSRFToken ¶
GenerateCSRFToken generates a CSRF token for the current session
func RateLimitMiddleware ¶
func RateLimitMiddleware(r rate.Limit, b int) gin.HandlerFunc
RateLimitMiddleware creates a Gin middleware for rate limiting
func SecurityMiddleware ¶
func SecurityMiddleware(config *SecurityConfig) gin.HandlerFunc
SecurityMiddleware adds security headers to each response
Types ¶
type ClientRateLimiter ¶
type ClientRateLimiter struct {
// contains filtered or unexported fields
}
ClientRateLimiter manages per-client rate limiters
func NewClientRateLimiter ¶
func NewClientRateLimiter(r rate.Limit, b int) *ClientRateLimiter
NewClientRateLimiter creates a new ClientRateLimiter
func (*ClientRateLimiter) GetLimiter ¶
func (rl *ClientRateLimiter) GetLimiter(ip string) *rate.Limiter
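GetLimiter returns a rate limiter for the specified IP address. The limiter is keyed by the ip string the caller passes in, so the limit is only as reliable as the way the caller derives the client address (for example, whether forwarded-for headers are accepted from proxies that are not trusted).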
type SecurityConfig ¶
// SecurityConfig groups the response-header values and rate-limit settings
// declared below. How each field is applied is not visible in this listing;
// presumably SecurityMiddleware reads them — confirm against its source.
type SecurityConfig struct {
// Content Security Policy (value for the Content-Security-Policy header).
// NOTE(review): when UseCSPNonce is set, the policy presumably has to carry
// a nonce source for the generated value to take effect — confirm how the
// nonce is inserted into this string.
CSP string
// XSS Protection header (X-XSS-Protection).
// Current browsers have removed or ignore the XSS auditor this header
// controlled, so treat it as legacy; CSP is the control that matters.
XSSProtection string
// X-Content-Type-Options header. "nosniff" is the only value the header defines.
ContentTypeOptions string
// Referrer-Policy header
ReferrerPolicy string
// Strict-Transport-Security header.
// Browsers honour HSTS only when it arrives over HTTPS.
HSTS string
// X-Frame-Options header (framing / clickjacking control).
// The CSP frame-ancestors directive covers the same ground; keep the two
// consistent if CSP also sets it.
FrameOptions string
// Feature-Policy header.
// The header has been superseded by Permissions-Policy, which uses a
// different syntax. NOTE(review): confirm which header name is emitted.
FeaturePolicy string
// Cache-Control header
CacheControl string
// Generate and add CSP nonce to requests.
// NOTE(review): a nonce is only useful if it is unpredictable and fresh for
// every response — confirm the generator and where the value is stored.
UseCSPNonce bool
// Rate limiting enabled
EnableRateLimit bool
// Rate limit per minute.
// NOTE(review): RateLimitMiddleware takes a rate.Limit, which (assuming
// golang.org/x/time/rate) counts events per second — confirm the
// per-minute value is converted before it is used, and what a zero or
// negative value means.
RateLimit int
}
SecurityConfig contains configuration for security headers and rate limiting
func DefaultSecurityConfig ¶
func DefaultSecurityConfig() *SecurityConfig
DefaultSecurityConfig returns security configuration with sane defaults