Crate axum_helmet
source ·Expand description
Helmet middleware for axum.
Example
use axum::{routing::get, Router};
use axum_helmet::{Helmet, HelmetLayer};
use helmet_core::Helmet as HelmetCore;
#[tokio::main]
async fn main() {
let app = Router::new()
.route("/", get(|| async { "Hello, world!" }))
.layer(HelmetLayer::new(
Helmet::new()
.add(helmet_core::XContentTypeOptions::nosniff())
.add(helmet_core::XFrameOptions::same_origin())
.add(helmet_core::XXSSProtection::on().mode_block()),
));
let listener = tokio::net::TcpListener::bind("0.0.0.0:3000").await.unwrap();
axum::serve(listener, app).await.unwrap();
}
Structs
- Manages
Content-Security-Policy
header - Helmet security headers middleware for ntex services
- Create a [
tower::layer::Layer
] that adds helmet headers to responses. Seehelmet_core::Helmet
for more details. - Manages
Origin-Agent-Cluster
header - Response future for [
SetResponseHeader
]. - Manages
Strict-Transport-Security
header - Manages
X-Powered-By
header - Manages
X-XSS-Protection
header
Enums
- Manages
Content-Security-Policy
header - Manages
Cross-Origin-Embedder-Policy
header - Manages
Cross-Origin-Opener-Policy
header - Manages
Cross-Origin-Resource-Policy
header - Manages
Referrer-Policy
header - Manages
X-Content-Type-Options
header - Manages
X-DNS-Prefetch-Control
header - Manages
X-Download-Options
header - Manages
X-Frame-Options
header - Manages
X-Permitted-Cross-Domain-Policies
header
Traits
- Header trait