Crate axum_helmet

Helmet middleware for axum.

Example

use axum::{routing::get, Router};
use axum_helmet::{Helmet, HelmetLayer};
use helmet_core::Helmet as HelmetCore;

#[tokio::main]
async fn main() {
    let app = Router::new()
        .route("/", get(|| async { "Hello, world!" }))
        .layer(HelmetLayer::new(
            Helmet::new()
                .add(helmet_core::XContentTypeOptions::nosniff())
                .add(helmet_core::XFrameOptions::same_origin())
                .add(helmet_core::XXSSProtection::on().mode_block()),
        ));

    let listener = tokio::net::TcpListener::bind("0.0.0.0:3000").await.unwrap();
    axum::serve(listener, app).await.unwrap();
}

Structs

• ContentSecurityPolicy
  Manages Content-Security-Policy header
• Helmet
  Helmet security headers middleware for ntex services
• HelmetInner
• HelmetLayer
  Create a [tower::layer::Layer] that adds helmet headers to responses. See helmet_core::Helmet for more details.
• OriginAgentCluster
  Manages Origin-Agent-Cluster header
• ResponseFuture
  Response future for [SetResponseHeader].
• StrictTransportSecurity
  Manages Strict-Transport-Security header
• XPoweredBy
  Manages X-Powered-By header
• XXSSProtection
  Manages X-XSS-Protection header

Enums

• ContentSecurityPolicyDirective
  Manages Content-Security-Policy header
• CrossOriginEmbedderPolicy
  Manages Cross-Origin-Embedder-Policy header
• CrossOriginOpenerPolicy
  Manages Cross-Origin-Opener-Policy header
• CrossOriginResourcePolicy
  Manages Cross-Origin-Resource-Policy header
• ReferrerPolicy
  Manages Referrer-Policy header
• XContentTypeOptions
  Manages X-Content-Type-Options header
• XDNSPrefetchControl
  Manages X-DNS-Prefetch-Control header
• XDownloadOptions
  Manages X-Download-Options header
• XFrameOptions
  Manages X-Frame-Options header
• XPermittedCrossDomainPolicies
  Manages X-Permitted-Cross-Domain-Policies header

Traits

• Header
  Header trait