Module gotham::middleware::security

source ·
Expand description

Security based middleware to handle security based sanitizations.

Prior to v0.3, this middleware was baked into responses by default. It has now been separated to allow optional usage. You can attach as a middleware at startup to include behaviour as was present before.

Currently this middleware will set the following headers:

  • X-CONTENT-TYPE-OPTIONS: “nosniff”
  • X-FRAME-OPTIONS: “DENY”
  • X-XSS-PROTECTION: “1; mode=block”

More may be added in future, but these headers provide compatibility with previous versions of Gotham.

Structs

Middleware binding for the Gotham security handlers.