 Documentation
      ¶
      Documentation
      ¶
    
    
  
    
  
    Index ¶
- func CacheControlMaxAge(seconds uint32) *uint32
- func DefaultCORS() webserver.MiddlewareFunc
- func DefaultSafeBrowsing() webserver.MiddlewareFunc
- func DisableClientCache() webserver.MiddlewareFunc
- func NewCORS(opts CORSOptions) webserver.MiddlewareFunc
- func NewCacheControl(opts CacheControlOptions) webserver.MiddlewareFunc
- func NewConditional(cond ConditionEvaluator, m webserver.MiddlewareFunc) webserver.MiddlewareFunc
- func NewNoOP() webserver.MiddlewareFunc
- func NewPanic(opts PanicOptions) webserver.MiddlewareFunc
- func NewProtected(evaluator ProtectedEndpointEvaluator) webserver.MiddlewareFunc
- func NewSafeBrowsing(opts SafeBrowsingOptions) webserver.MiddlewareFunc
- func NewTrailingSlash(opts TrailingSlashOptions) webserver.MiddlewareFunc
- func ProtectedWithToken(accessToken string) webserver.MiddlewareFunc
- type CORSOptions
- type CacheControlOptions
- type ConditionEvaluator
- type PanicErrorHandler
- type PanicOptions
- type ProtectedEndpointEvaluator
- type SafeBrowsingOptions
- type TrailingSlashOptions
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CacheControlMaxAge ¶
func DefaultCORS ¶
func DefaultCORS() webserver.MiddlewareFunc
DefaultCORS creates a default CORS middleware that allows requests from anywhere
func DefaultSafeBrowsing ¶ added in v1.3.0
func DefaultSafeBrowsing() webserver.MiddlewareFunc
DefaultSafeBrowsing creates a default SafeBrowsing middleware with commonly used options
func DisableClientCache ¶ added in v1.1.4
func DisableClientCache() webserver.MiddlewareFunc
DisableClientCache creates a default cache control middleware that disables the client's cache
func NewCORS ¶
func NewCORS(opts CORSOptions) webserver.MiddlewareFunc
NewCORS creates a new CORS middleware based on the specified options
func NewCacheControl ¶
func NewCacheControl(opts CacheControlOptions) webserver.MiddlewareFunc
NewCacheControl creates a new client cache control middleware based on the specified options
func NewConditional ¶ added in v1.1.4
func NewConditional(cond ConditionEvaluator, m webserver.MiddlewareFunc) webserver.MiddlewareFunc
NewConditional wraps a middleware to conditionally execute or skip it depending on the evaluator's return value
func NewNoOP ¶ added in v1.3.0
func NewNoOP() webserver.MiddlewareFunc
NewNoOP creates a no-operation middleware
func NewPanic ¶ added in v1.3.0
func NewPanic(opts PanicOptions) webserver.MiddlewareFunc
NewPanic wraps a middleware that recovers from panics
func NewProtected ¶ added in v1.1.4
func NewProtected(evaluator ProtectedEndpointEvaluator) webserver.MiddlewareFunc
NewProtected creates a protection middleware based on an evaluator callback
func NewSafeBrowsing ¶ added in v1.3.0
func NewSafeBrowsing(opts SafeBrowsingOptions) webserver.MiddlewareFunc
NewSafeBrowsing creates a new SafeBrowsing middleware based on the specified options
func NewTrailingSlash ¶ added in v1.3.0
func NewTrailingSlash(opts TrailingSlashOptions) webserver.MiddlewareFunc
NewTrailingSlash creates a new middleware to handle trailing slashes in request's paths
func ProtectedWithToken ¶ added in v1.1.4
func ProtectedWithToken(accessToken string) webserver.MiddlewareFunc
ProtectedWithToken creates a protection middleware based on an access token string
Types ¶
type CORSOptions ¶
type CORSOptions struct {
	// AllowOrigins defines a list of origins that may access the resource.
	// Optional. Defaults to "*".
	AllowOrigins []string `json:"allow-origins,omitempty"`
	// AllowMethods defines a list methods allowed when accessing the resource.
	// If defined as an empty list, the preflight `Allow` request header value will be used.
	AllowMethods []string `json:"allow-methods,omitempty"`
	// AllowHeaders defines a list of request headers that can be used when
	// making the actual request.
	AllowHeaders []string `json:"allow-headers,omitempty"`
	// AllowCredentials indicates whether the response to the request
	// can be exposed when the credentials flag is true.
	// Do not set to true if allow origins is "*".
	// See: http://blog.portswigger.net/2016/10/exploiting-cors-misconfigurations-for.html
	AllowCredentials bool `json:"allow-credentials,omitempty"`
	// ExposeHeaders defines a whitelist headers that clients are allowed to access.
	ExposeHeaders []string `json:"expose-headers,omitempty"`
	// MaxAge indicates how many seconds the results of a preflight request can be cached. Defaults to 0.
	MaxAge int `json:"max-age,omitempty"`
}
    CORSOptions defines the behavior on how CORS requests should be handled.
type CacheControlOptions ¶
type CacheControlOptions struct {
	Public                        bool
	Private                       bool
	NoCache                       bool
	NoStore                       bool
	NoTransform                   bool
	MustRevalidate                bool
	ProxyRevalidate               bool
	MaxAgeInSeconds               *uint32
	StaleWhileRevalidateInSeconds *uint32
	StaleIfErrorInSeconds         *uint32
}
    CacheControlOptions defines the behavior on how Cache-Control headers are sent.
type ConditionEvaluator ¶ added in v1.1.4
type ConditionEvaluator func(req *request.RequestContext) bool
ConditionEvaluator defines a function that executes the wrapped middleware if returns true
type PanicErrorHandler ¶ added in v1.3.0
type PanicErrorHandler func(req *request.RequestContext, err error, stack []byte) error
PanicErrorHandler defines a function to call when a panic occurs.
type PanicOptions ¶ added in v1.3.0
type PanicOptions struct {
	// StackSize establishes the maximum stack buffer to print in bytes.
	StackSize int `json:"stackSize,omitempty"`
	// IncludeAllGoRoutines, if true, then the stack of all the go routines are included.
	IncludeAllGoRoutines bool `json:"includeAllGoRoutines,omitempty"`
	// PanicErrorHandler is an optional custom callback to call if a panic is raised.
	PanicErrorHandler PanicErrorHandler
}
    PanicOptions defines the behavior on how to deal with panics raised by request handlers.
type ProtectedEndpointEvaluator ¶ added in v1.1.4
type ProtectedEndpointEvaluator func(req *request.RequestContext) bool
ProtectedEndpointEvaluator evaluates if endpoint access must be denied. Return true to deny access.
type SafeBrowsingOptions ¶ added in v1.3.0
type SafeBrowsingOptions struct {
	// XXSSProtection sets the `X-XSS-Protection` header to stops pages from loading when they detect reflected
	// cross-site scripting (XSS) attacks.
	// Optional. Defaults to "1; mode=block".
	XXSSProtection string `json:"x-xss-protection,omitempty"`
	// XContentTypeNoSniff sets the `X-Content-Type-Options` header to indicate that the MIME types advertised
	// in the Content-Type headers should be followed and not be changed.
	// Optional. Defaults to "nosniff".
	XContentTypeNoSniff string `json:"x-content-type-options,omitempty"`
	// XFrameOptions can be used to indicate whether a browser should be allowed to render a page in a <frame>,
	// <iframe> or <object>.
	// Optional. Defaults to "sameorigin".
	// Possible values: "sameorigin", "deny", "allow-from uri"
	XFrameOptions string `json:"x-frame-options,omitempty"`
	// HSTS controls the `Strict-Transport-Security` header to inform browsers that the site should only be
	// accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be
	// converted to HTTPS.
	HSTS struct {
		// MaxAge establishes the time, in seconds, that the browser should remember that a site is only to be
		// accessed using HTTPS.
		// Optional. Defaults to 0.
		MaxAge uint `json:"max-age,omitempty"`
		// IncludeSubdomains is used to apply the HSTS settings to all of the site's subdomains as well.
		// Optional.
		IncludeSubdomains bool `json:"include-subdomains,omitempty"`
		// Preload will add the preload tag in the HSTS header. See https://hstspreload.org/ for details.
		// Optional.
		Preload bool `json:"preload,omitempty"`
	} `json:"hsts,omitempty"`
	// ContentSecurityPolicy sets the `Content-Security-Policy` header to enhance security against XSS.
	// Optional.
	ContentSecurityPolicy string `json:"content-security-policy,omitempty"`
	// ContentSecurityPolicyReportOnly would use the `Content-Security-Policy-Report-Only` header instead
	// of the `Content-Security-Policy` header. Used to report violations instead of blocking resources.
	// Optional.
	ContentSecurityPolicyReportOnly bool `json:"csp-report-only,omitempty"`
	// ReferrerPolicy sets the `Referrer-Policy` header providing security against leaking potentially sensitive
	// request paths to third parties.
	// Optional.
	ReferrerPolicy string `json:"referrer-policy,omitempty"`
}
    SafeBrowsingOptions defines how common response headers for safe browsing are added.
type TrailingSlashOptions ¶ added in v1.3.0
type TrailingSlashOptions struct {
	// Remove tells the middleware to remove trailing slashes if present.
	// If this setting is false, then the trailing slash is added if absent.
	Remove bool `json:"remove,omitempty"`
	// RedirectCode, if not zero, will make the middleware to return a redirect response.
	RedirectCode uint `json:"redirectCode,omitempty"`
}
    TrailingSlashOptions defines a middleware that adds or removes trailing slashes in paths.