Crate armor

HTTP Security Headers.

Adapted from helmetjs.

Example

let mut headers = http::HeaderMap::new();
armor::armor(&mut headers);
assert_eq!(headers["X-Content-Type-Options"], "nosniff");
assert_eq!(headers["X-XSS-Protection"], "1; mode=block");

Enums

FrameOptions	Set the frameguard level.
ReferrerOptions	Set the Referrer-Policy level

Functions

armor	Apply all protections.
dns_prefetch_control	Disable browsers’ DNS prefetching by setting the X-DNS-Prefetch-Control header.
dont_sniff_mimetype	Prevent browsers from trying to guess (“sniff”) the MIME type, which can have security implications.
frameguard	Mitigates clickjacking attacks by setting the X-Frame-Options header.
hide_powered_by	Removes the X-Powered-By header to make it slightly harder for attackers to see what potentially-vulnerable technology powers your site.
hsts	Sets the Strict-Transport-Security header to keep your users on HTTPS.
referrer_policy	Mitigates referrer leakage by controlling the referer[sic] header in links away from pages
xss_filter	Sets the X-XSS-Protection header to prevent reflected XSS attacks.