secureheaders

package

v0.85.0-pre.3 Latest Latest Go to latest Published: Mar 3, 2026 License: BSD-3-Clause Imports: 1 Imported by: 0

Details

github.com/vormadev/vorma/kit/middleware/secureheaders

Drop-in middleware that sets a strict baseline of security headers on every response.

import "github.com/vormadev/vorma/kit/middleware/secureheaders"

wrapped := secureheaders.Middleware(appHandler)

sets common hardening headers (COEP, COOP, CORP, HSTS, Referrer-Policy, X-Frame-Options, etc.)
sets a restrictive Permissions-Policy
removes identifying headers:
Server
X-Powered-By

The middleware writes headers before calling next, so downstream handlers can still override values if needed.

This section is empty.

This section is empty.

func Middleware(next http.Handler) http.Handler

Sets various security-related headers to responses.

This section is empty.