Struct ajars_surf::surf::http::security::ContentSecurityPolicy
[−]pub struct ContentSecurityPolicy { /* private fields */ }
Expand description
Build a Content-Security-Policy
header.
Content-Security-Policy
(CSP) HTTP headers are used to prevent cross-site
injections. Read more
Examples
use http_types::{headers, security, Response, StatusCode};
let mut policy = security::ContentSecurityPolicy::new();
policy
.default_src(security::Source::SameOrigin)
.default_src("areweasyncyet.rs")
.script_src(security::Source::SameOrigin)
.script_src(security::Source::UnsafeInline)
.object_src(security::Source::None)
.base_uri(security::Source::None)
.upgrade_insecure_requests();
let mut res = Response::new(StatusCode::Ok);
res.set_body("Hello, Chashu!");
security::default(&mut res);
policy.apply(&mut res);
assert_eq!(res["content-security-policy"], "base-uri 'none'; default-src 'self' areweasyncyet.rs; object-src 'none'; script-src 'self' 'unsafe-inline'; upgrade-insecure-requests");
Implementations
impl ContentSecurityPolicy
impl ContentSecurityPolicy
pub fn new() -> ContentSecurityPolicy
pub fn new() -> ContentSecurityPolicy
Create a new instance.
pub fn base_uri<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
pub fn base_uri<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
Defines the Content-Security-Policy base-uri
directive
pub fn block_all_mixed_content(&mut self) -> &mut ContentSecurityPolicy
pub fn block_all_mixed_content(&mut self) -> &mut ContentSecurityPolicy
Defines the Content-Security-Policy block-all-mixed-content
directive
pub fn connect_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
pub fn connect_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
Defines the Content-Security-Policy connect-src
directive
pub fn default_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
pub fn default_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
Defines the Content-Security-Policy default-src
directive
pub fn font_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
pub fn font_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
Defines the Content-Security-Policy font-src
directive
pub fn form_action<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
pub fn form_action<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
Defines the Content-Security-Policy form-action
directive
pub fn frame_ancestors<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
pub fn frame_ancestors<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
Defines the Content-Security-Policy frame-ancestors
directive
pub fn frame_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
pub fn frame_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
Defines the Content-Security-Policy frame-src
directive
pub fn img_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
pub fn img_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
Defines the Content-Security-Policy img-src
directive
pub fn media_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
pub fn media_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
Defines the Content-Security-Policy media-src
directive
pub fn object_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
pub fn object_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
Defines the Content-Security-Policy object-src
directive
pub fn plugin_types<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
pub fn plugin_types<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
Defines the Content-Security-Policy plugin-types
directive
pub fn require_sri_for<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
pub fn require_sri_for<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
Defines the Content-Security-Policy require-sri-for
directive
pub fn report_uri<T>(&mut self, uri: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
pub fn report_uri<T>(&mut self, uri: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
Defines the Content-Security-Policy report-uri
directive
pub fn report_to(
&mut self,
endpoints: Vec<ReportTo, Global>
) -> &mut ContentSecurityPolicy
pub fn report_to(
&mut self,
endpoints: Vec<ReportTo, Global>
) -> &mut ContentSecurityPolicy
Defines the Content-Security-Policy report-to
directive
pub fn sandbox<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
pub fn sandbox<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
Defines the Content-Security-Policy sandbox
directive
pub fn script_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
pub fn script_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
Defines the Content-Security-Policy script-src
directive
pub fn style_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
pub fn style_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
Defines the Content-Security-Policy style-src
directive
pub fn upgrade_insecure_requests(&mut self) -> &mut ContentSecurityPolicy
pub fn upgrade_insecure_requests(&mut self) -> &mut ContentSecurityPolicy
Defines the Content-Security-Policy upgrade-insecure-requests
directive
pub fn worker_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
pub fn worker_src<T>(&mut self, source: T) -> &mut ContentSecurityPolicy where
T: AsRef<str>,
Defines the Content-Security-Policy worker-src
directive
pub fn report_only(&mut self) -> &mut ContentSecurityPolicy
pub fn report_only(&mut self) -> &mut ContentSecurityPolicy
Change the header to Content-Security-Policy-Report-Only
Trait Implementations
impl Clone for ContentSecurityPolicy
impl Clone for ContentSecurityPolicy
fn clone(&self) -> ContentSecurityPolicy
fn clone(&self) -> ContentSecurityPolicy
Returns a copy of the value. Read more
1.0.0 · sourcefn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from source
. Read more
impl Debug for ContentSecurityPolicy
impl Debug for ContentSecurityPolicy
impl Default for ContentSecurityPolicy
impl Default for ContentSecurityPolicy
fn default() -> ContentSecurityPolicy
fn default() -> ContentSecurityPolicy
Sets the Content-Security-Policy default to “script-src ‘self’; object-src ‘self’”
impl PartialEq<ContentSecurityPolicy> for ContentSecurityPolicy
impl PartialEq<ContentSecurityPolicy> for ContentSecurityPolicy
fn eq(&self, other: &ContentSecurityPolicy) -> bool
fn eq(&self, other: &ContentSecurityPolicy) -> bool
This method tests for self
and other
values to be equal, and is used
by ==
. Read more
fn ne(&self, other: &ContentSecurityPolicy) -> bool
fn ne(&self, other: &ContentSecurityPolicy) -> bool
This method tests for !=
.
impl Eq for ContentSecurityPolicy
impl StructuralEq for ContentSecurityPolicy
impl StructuralPartialEq for ContentSecurityPolicy
Auto Trait Implementations
impl RefUnwindSafe for ContentSecurityPolicy
impl Send for ContentSecurityPolicy
impl Sync for ContentSecurityPolicy
impl Unpin for ContentSecurityPolicy
impl UnwindSafe for ContentSecurityPolicy
Blanket Implementations
sourceimpl<T> BorrowMut<T> for T where
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
sourceimpl<T> ToOwned for T where
T: Clone,
impl<T> ToOwned for T where
T: Clone,
type Owned = T
type Owned = T
The resulting type after obtaining ownership.
sourcefn clone_into(&self, target: &mut T)
fn clone_into(&self, target: &mut T)
toowned_clone_into
)Uses borrowed data to replace owned data, usually by cloning. Read more