Crate owasp_headers[−][src]

Expand description

Modern web browsers may prevent or mitigate security vulnerabilities when they encounter the HTTP response headers recommended by OWASP.

This crate offers these HTTP headers and their values, so that they may be more-conveniently used when developing web services in Rust.

Example:

use std::convert::Infallible;
use http::response::Parts;
use hyper::{Body, Request, Response};

async fn handle(_req: Request<Body>) -> Result<Response<Body>, Infallible> {
    let mut response = Response::new(Body::from("hello, world!"));
    let mut headers = response.headers_mut();
    headers.extend(owasp_headers::headers());
    Ok(response)
}

If you are developing a web service using tower::Service, you may find it even more convenient to apply these headers using tower-default-headers.

Functions

headers

produces an owned-collection of headers and their values