pub struct SpaceHelmet { /* fields omitted */ }
A Fairing
that adds HTTP
headers to outgoing responses that control security features on the browser.
To use SpaceHelmet
, first construct an instance of it. To use the default
set of headers, construct with SpaceHelmet::default()
.
For an instance with no preset headers, use SpaceHelmet::new()
. To
enable an additional header, use enable()
, and to
disable a header, use disable()
:
use rocket_contrib::helmet::SpaceHelmet;
use rocket_contrib::helmet::{XssFilter, ExpectCt};
let helmet = SpaceHelmet::default();
let helmet = SpaceHelmet::default().disable::<XssFilter>();
let helmet = SpaceHelmet::default().enable(ExpectCt::default());
let helmet = SpaceHelmet::default()
.enable(XssFilter::default())
.enable(ExpectCt::default());
Then, attach the instance of SpaceHelmet
to your application's instance of
Rocket
:
rocket::ignite()
.attach(helmet)
The fairing will inject all enabled headers into all outgoing responses
unless the response already contains a header with the same name. If it
does contain the header, a warning is emitted, and the header is not
overwritten.
If TLS is configured and enabled when the application is launched in a
non-development environment (e.g., staging or production), HSTS is
automatically enabled with its default policy and a warning is issued.
To get rid of this warning, explicitly enable()
an Hsts
policy.
Returns an instance of SpaceHelmet
with no headers enabled.
use rocket_contrib::helmet::SpaceHelmet;
let helmet = SpaceHelmet::new();
Enables the policy header policy
.
If the poliicy was previously enabled, the configuration is replaced
with that of policy
.
use rocket_contrib::helmet::SpaceHelmet;
use rocket_contrib::helmet::NoSniff;
let helmet = SpaceHelmet::new().enable(NoSniff::default());
Disables the policy header policy
.
use rocket_contrib::helmet::SpaceHelmet;
use rocket_contrib::helmet::NoSniff;
let helmet = SpaceHelmet::default().disable::<NoSniff>();
Returns true
if the policy P
is enabled.
use rocket_contrib::helmet::SpaceHelmet;
use rocket_contrib::helmet::{XssFilter, NoSniff, Frame};
use rocket_contrib::helmet::{Hsts, ExpectCt, Referrer};
let helmet = SpaceHelmet::default();
assert!(helmet.is_enabled::<XssFilter>());
assert!(helmet.is_enabled::<NoSniff>());
assert!(helmet.is_enabled::<Frame>());
assert!(!helmet.is_enabled::<Hsts>());
assert!(!helmet.is_enabled::<ExpectCt>());
assert!(!helmet.is_enabled::<Referrer>());
Returns a new SpaceHelmet
instance. See the table for a description
of the policies used by default.
use rocket_contrib::helmet::SpaceHelmet;
let helmet = SpaceHelmet::default();
Returns an [Info
] structure containing the name
and [Kind
] of this fairing. The name
can be any arbitrary string. Kind
must be an or
d set of Kind
variants. Read more
The attach callback. Returns Ok
if launch should proceed and Err
if launch should be aborted. Read more
🔬 This is a nightly-only experimental API. (try_from
)
The type returned in the event of a conversion error.
🔬 This is a nightly-only experimental API. (try_from
)
Immutably borrows from an owned value. Read more
🔬 This is a nightly-only experimental API. (try_from
)
The type returned in the event of a conversion error.
🔬 This is a nightly-only experimental API. (try_from
)
Mutably borrows from an owned value. Read more
🔬 This is a nightly-only experimental API. (get_type_id
)
this method will likely be replaced by an associated static
impl<T> Typeable for T where T: Any, | |
Get the TypeId
of this object.
impl<T> IntoCollection for T | |
Converts self
into a collection.
fn mapped<U, F, A>(self, f: F) -> SmallVec<A> where A: Array<Item = U>, F: FnMut(T) -> U, | |
impl<T, I> AsResult for T where I: Input, | |
Convert self
to an expression for Diesel's query builder. Read more
Convert &self
to an expression for Diesel's query builder. Read more