rustio-admin 0.12.0

Django Admin, but for Rust. A small, focused admin framework.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

//! Add sensible security headers to every response. No arguments,
//! no config — if someone needs something custom, they can write
//! their own.

use crate::error::Result;
use crate::http::{Request, Response};
use crate::router::Next;

// public:
pub async fn security_headers(req: Request, next: Next) -> Result<Response> {
    let mut resp = next.run(req).await?;
    let headers_to_add = [
        ("x-content-type-options", "nosniff"),
        ("x-frame-options", "DENY"),
        ("referrer-policy", "strict-origin-when-cross-origin"),
        (
            "permissions-policy",
            "geolocation=(), microphone=(), camera=()",
        ),
    ];
    for (name, value) in headers_to_add {
        resp.headers.push((name.to_string(), value.to_string()));
    }
    Ok(resp)
}