Expand description
Static & edge host config generator (Phase 5 / v2.5).
Static/edge hosts (Netlify, Cloudflare Pages, Vercel) can’t run EdgeGuard’s long-lived proxy
process, but they can apply EdgeGuard’s response-hardening headers at their own edge.
This module renders the [headers] policy into the native config each platform understands —
a _headers file or an edge-middleware snippet — so a project hosted there gets the same
security headers the proxy would inject.
The header set comes from crate::proxy::security_headers, the same source of truth the
live proxy uses, so generated output can’t drift from runtime behavior.
Out of scope for a static file: EdgeGuard’s cookie hardening and leaky-header stripping
act on the upstream’s real response and can’t be expressed as “always add this header”; and
a _headers file can’t authenticate or rate-limit. For the full request+response pipeline
(auth, cookie/Set-Cookie rewriting, header stripping) at the edge, use the Rust→WASM
Cloudflare Worker in worker/.
Enums§
- Target
- A static-host / edge target the generator can emit config for.
Functions§
- generate
- Render the configured
[headers]policy as the native config fortarget.