secure_boundary — Input validation, secure extractors, security headers, and browser protections (OWASP C4 + C5 + C8).

Feature Overview

The crate ships a framework-neutral core plus optional HTTP framework adapters. Pick exactly one of axum or actix-web (or both):

Both axum and actix-web can be enabled at the same time (useful when a workspace hosts services on different frameworks). --no-default-features disables both and keeps only the framework-neutral types (validation, SafeUrl, safe-types, limits, IDs).

What this crate gives you

• [SecureValidate] trait for structured four-stage validation pipelines
• [SecureJson], [SecureQuery], [SecurePath] framework extractors
• [SecureXml] axum extractor with XXE prevention (axum feature)
• [SecurityHeadersLayer] middleware for OWASP security headers and CSP nonces
• [cors::secure_cors_defaults] and [cors::SecureCorsBuilder] for secure-by-default CORS (axum feature)
• [FetchMetadataLayer] for blocking unsafe cross-site browser requests
• [BoundaryRejection] error type with safe HTTP response mapping
• [BoundaryViolation] for flowing violations into the security events subsystem
• Safe types: [safe_types::SafePath], [safe_types::SafeFilename], [safe_types::SafeCommandArg], [safe_types::SafeUrl], [safe_types::SafeRedirectUrl], [safe_types::SqlIdentifier], [safe_types::LdapSafeString]
• [sanitize_header_value] for CRLF injection prevention
• Input normalization, strict deserialization, and configurable request limits

Framework selection quickstart

# Axum (default)
secure_boundary = "0.1"

# Actix-web 4
secure_boundary = { version = "0.1", default-features = false, features = ["actix-web"] }

# Both frameworks in the same crate
secure_boundary = { version = "0.1", features = ["actix-web"] }