Documentation

Index
- func CORSMiddleware(config *SecurityConfig) func(http.Handler) http.Handler
- func RateLimitHeaders(w http.ResponseWriter, limit int, remaining int, resetTime int64)
- func SanitizeRedirectTarget(raw string, def string) string
- func SecureCookieConfig(cookie *http.Cookie, config *SecurityConfig)
- func SecurityHeadersMiddleware(config *SecurityConfig) func(http.Handler) http.Handler
- func TLSRedirectMiddleware(next http.Handler) http.Handler
- type SecurityConfig
Constants

This section is empty.

Variables

This section is empty.

Functions

func CORSMiddleware
func CORSMiddleware(config *SecurityConfig) func(http.Handler) http.Handler
CORSMiddleware handles Cross-Origin Resource Sharing with a blocklist approach.

func RateLimitHeaders
func RateLimitHeaders(w http.ResponseWriter, limit int, remaining int, resetTime int64)
RateLimitHeaders adds rate limit information to response headers.

func SanitizeRedirectTarget

func SanitizeRedirectTarget(raw string, def string) string

SanitizeRedirectTarget validates and sanitizes redirect URLs to prevent open redirects. It returns the sanitized relative URL if it is safe, otherwise it returns the default URL. Only relative URLs starting with "/" on the same host are allowed.

func SecureCookieConfig
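The rule described above (accept only a same-host path that starts with a single "/", otherwise fall back to the default) is easy to get subtly wrong, because several inputs look relative but are resolved by browsers as a different host. The following is an added, illustrative reimplementation written for this page; it is not the package's own SanitizeRedirectTarget, and the lower-cased name, the sample inputs and the choice to re-serialise through net/url are this example's own assumptions. It shows why a plain `strings.HasPrefix(raw, "/")` check is not enough.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// sanitizeRedirectTarget is an illustrative reimplementation of the rule the
// page documents for SanitizeRedirectTarget: return raw only if it is a
// relative URL on the same host starting with "/", otherwise return def.
// It is not the package's own code; the name is lower-cased to make that clear.
func sanitizeRedirectTarget(raw string, def string) string {
	if raw == "" {
		return def
	}
	// url.Parse rejects control characters (CR/LF), which closes the
	// response-header injection path, and it decodes percent-escapes into
	// Path so that "%5C" is seen as a backslash by the check below.
	u, err := url.Parse(raw)
	if err != nil {
		return def
	}
	// A scheme or an authority means the target leaves this host:
	// "https://other.example/", "//other.example/" (protocol-relative) and
	// "javascript:..." all end up here.
	if u.Scheme != "" || u.Host != "" || u.User != nil || u.Opaque != "" {
		return def
	}
	// Only an absolute path on this host is acceptable, with exactly one
	// leading slash: browsers resolve "///x" and "/\x" as protocol-relative
	// URLs, so those would leave the host as well.
	p := u.Path
	if !strings.HasPrefix(p, "/") || strings.HasPrefix(p, "//") || strings.HasPrefix(p, "/\\") {
		return def
	}
	// Re-serialise from the parsed form so the caller gets a normalised
	// path and query rather than the attacker-controlled raw string.
	return u.String()
}

func main() {
	// Constructed sample inputs: the first two are accepted, the rest fall
	// back to the default target "/".
	samples := []string{
		"/account/settings",
		"/search?q=go",
		"https://other.example/",
		"//other.example/",
		"///other.example",
		"/\\other.example",
		"/%5Cother.example",
		"javascript:alert(1)",
		"relative/path",
		"",
	}
	for _, s := range samples {
		fmt.Printf("%-24q -> %q\n", s, sanitizeRedirectTarget(s, "/"))
	}
}
```

The parse-then-inspect order matters: checking the raw string first would let "/%5Cother.example" through, while the decoded Path exposes the backslash. Returning `u.String()` rather than `raw` also means the redirect that is finally emitted is the one that was validated.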
func SecureCookieConfig(cookie *http.Cookie, config *SecurityConfig)
SecureCookieConfig applies secure cookie settings to a cookie.

func SecurityHeadersMiddleware
func SecurityHeadersMiddleware(config *SecurityConfig) func(http.Handler) http.Handler
SecurityHeadersMiddleware adds comprehensive security headers to all responses.

Types

type SecurityConfig
type SecurityConfig struct {
	// CSP configuration
	CSPDefaultSrc     []string
	CSPScriptSrc      []string
	CSPStyleSrc       []string
	CSPImgSrc         []string
	CSPFontSrc        []string
	CSPConnectSrc     []string
	CSPFrameSrc       []string
	CSPObjectSrc      []string
	CSPMediaSrc       []string
	CSPWorkerSrc      []string
	CSPManifestSrc    []string
	CSPFormAction     []string
	CSPFrameAncestors []string
	CSPBaseURI        []string

	// CORS configuration
	AllowedOrigins   []string
	AllowedMethods   []string
	AllowedHeaders   []string
	MaxAge           int
	AllowCredentials bool

	// HSTS configuration
	HSTSMaxAge            int
	HSTSIncludeSubdomains bool
	HSTSPreload           bool

	// Cookie configuration
	CookieDomain   string
	CookiePath     string
	CookieSecure   bool
	CookieHTTPOnly bool
	CookieSameSite http.SameSite

	// Feature policy / Permissions policy
	PermissionsPolicy map[string]string
}
SecurityConfig holds security-related configuration.

func DefaultSecurityConfig

func DefaultSecurityConfig() *SecurityConfig

DefaultSecurityConfig returns the default security configuration.
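The page documents SecurityHeadersMiddleware only as "adds comprehensive security headers" and shows the SecurityConfig fields without saying how they are turned into header values. The example below, added here and not taken from the package, shows one way those fields map onto Content-Security-Policy, Strict-Transport-Security and Permissions-Policy values and how a middleware in the same shape applies them. It uses a constructed subset of SecurityConfig with the page's field names; the helper names (buildCSP, buildHSTS, buildPermissionsPolicy, securityHeaders), the directive order and the two fixed headers at the end are this example's assumptions, not the package's behaviour.

```go
package main

import (
	"fmt"
	"net/http"
	"sort"
	"strconv"
	"strings"
)

// SecurityConfig is a constructed subset of the page's SecurityConfig, kept
// to the fields this example uses, so that it runs on its own.
type SecurityConfig struct {
	CSPDefaultSrc     []string
	CSPScriptSrc      []string
	CSPStyleSrc       []string
	CSPObjectSrc      []string
	CSPFrameAncestors []string
	CSPBaseURI        []string

	HSTSMaxAge            int
	HSTSIncludeSubdomains bool
	HSTSPreload           bool

	PermissionsPolicy map[string]string
}

// buildCSP serialises the CSP fields into a Content-Security-Policy value.
// Directives are emitted in a fixed order and empty ones are skipped, so the
// header is deterministic and never contains a bare directive name.
func buildCSP(c *SecurityConfig) string {
	directives := []struct {
		name   string
		values []string
	}{
		{"default-src", c.CSPDefaultSrc},
		{"script-src", c.CSPScriptSrc},
		{"style-src", c.CSPStyleSrc},
		{"object-src", c.CSPObjectSrc},
		{"frame-ancestors", c.CSPFrameAncestors},
		{"base-uri", c.CSPBaseURI},
	}
	var parts []string
	for _, d := range directives {
		if len(d.values) == 0 {
			continue
		}
		parts = append(parts, d.name+" "+strings.Join(d.values, " "))
	}
	return strings.Join(parts, "; ")
}

// buildHSTS serialises the HSTS fields; an empty result means "do not send".
func buildHSTS(c *SecurityConfig) string {
	if c.HSTSMaxAge <= 0 {
		return ""
	}
	v := "max-age=" + strconv.Itoa(c.HSTSMaxAge)
	if c.HSTSIncludeSubdomains {
		v += "; includeSubDomains"
	}
	if c.HSTSPreload {
		v += "; preload"
	}
	return v
}

// buildPermissionsPolicy renders the map as "feature=(allowlist)" items in
// sorted key order so the output is stable across runs.
func buildPermissionsPolicy(c *SecurityConfig) string {
	keys := make([]string, 0, len(c.PermissionsPolicy))
	for k := range c.PermissionsPolicy {
		keys = append(keys, k)
	}
	sort.Strings(keys)
	parts := make([]string, 0, len(keys))
	for _, k := range keys {
		parts = append(parts, fmt.Sprintf("%s=(%s)", k, c.PermissionsPolicy[k]))
	}
	return strings.Join(parts, ", ")
}

// securityHeaders is a middleware in the shape of the page's
// SecurityHeadersMiddleware. Headers are set before next runs, because once
// a handler has written its body the header map can no longer be changed.
func securityHeaders(c *SecurityConfig) func(http.Handler) http.Handler {
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			h := w.Header()
			if csp := buildCSP(c); csp != "" {
				h.Set("Content-Security-Policy", csp)
			}
			// Browsers ignore HSTS received over plain HTTP (RFC 6797), so
			// sending it unconditionally is safe.
			if hsts := buildHSTS(c); hsts != "" {
				h.Set("Strict-Transport-Security", hsts)
			}
			if pp := buildPermissionsPolicy(c); pp != "" {
				h.Set("Permissions-Policy", pp)
			}
			h.Set("X-Content-Type-Options", "nosniff")
			h.Set("Referrer-Policy", "strict-origin-when-cross-origin")
			next.ServeHTTP(w, r)
		})
	}
}

func main() {
	// Constructed configuration: self-only CSP, plugins and framing denied.
	cfg := &SecurityConfig{
		CSPDefaultSrc:         []string{"'self'"},
		CSPScriptSrc:          []string{"'self'", "https://cdn.example"},
		CSPObjectSrc:          []string{"'none'"},
		CSPFrameAncestors:     []string{"'none'"},
		HSTSMaxAge:            31536000,
		HSTSIncludeSubdomains: true,
		PermissionsPolicy:     map[string]string{"geolocation": "self", "camera": ""},
	}
	fmt.Println("Content-Security-Policy:", buildCSP(cfg))
	fmt.Println("Strict-Transport-Security:", buildHSTS(cfg))
	fmt.Println("Permissions-Policy:", buildPermissionsPolicy(cfg))
}
```

Two details carry the security weight here: skipping empty directives (a bare `script-src` with no sources is a parse error the browser silently drops, which can disable the whole policy) and setting every header before `next.ServeHTTP`, since headers added after the first body write are lost.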