Crate secure_boundary

secure_boundary — Input validation, secure extractors, security headers, and browser protections (OWASP C4 + C5 + C8).

§Feature Overview

The crate ships a framework-neutral core plus optional HTTP framework adapters. Enable axum, actix-web, or both:

| Feature flag | Default | Enables |
|---|---|---|
| axum | yes | SecureJson / SecureQuery / SecurePath as FromRequest[Parts]; SecurityHeadersLayer / FetchMetadataLayer as tower layers; cors::secure_cors_defaults; SecureXml |
| actix-web | | SecureJson<T> as an actix FromRequest; SecurityHeadersTransform / FetchMetadataTransform actix middleware (see [actix]) |
| html-sanitize | | HTML sanitization helpers backed by ammonia |
| mobile-platform | | Mobile-specific platform guards |

Both axum and actix-web can be enabled at the same time (useful when a workspace hosts services on different frameworks). --no-default-features disables both and keeps only the framework-neutral types (validation, SafeUrl, safe-types, limits, IDs).

§What this crate gives you

§Framework selection quickstart

# Axum (default)
secure_boundary = "0.1"

# Actix-web 4
secure_boundary = { version = "0.1", default-features = false, features = ["actix-web"] }

# Both frameworks in the same crate
secure_boundary = { version = "0.1", features = ["actix-web"] }

Re-exports§

pub use attack_signal::BoundaryViolation;
pub use attack_signal::ViolationKind;
pub use cors::secure_cors_defaults;
pub use cors::CorsConfigError;
pub use cors::SecureCorsBuilder;
pub use dto::SecureDto;
pub use error::BoundaryRejection;
pub use extract::SecureJson;
pub use extract::SecurePath;
pub use extract::SecureQuery;
pub use fetch_metadata::FetchMetadataLayer;
pub use header_sanitize::sanitize_header_value;
pub use headers::CspNonce;
pub use headers::SecurityHeadersLayer;
pub use id::OpaquePublicId;
pub use id::OrderId;
pub use id::UserId;
pub use limits::RequestLimits;
pub use safe_types::LdapSafeString;
pub use safe_types::SafeCommandArg;
pub use safe_types::SafeFilename;
pub use safe_types::SafePath;
pub use safe_types::SafeRedirectUrl;
pub use safe_types::SafeUrl;
pub use safe_types::SqlIdentifier;
pub use validate::SecureValidate;
pub use validate::ValidationContext;
pub use xml::SecureXml;

Modules§

attack_signal
Boundary violation detection and security event emission.
content_type
Allowlist-based Content-Type checking.
cors
Secure-by-default CORS helpers built on tower_http::cors::CorsLayer.
dto
DTO marker trait for mass-assignment prevention.
error
Boundary rejection error type with safe HTTP response mapping.
extract
HTTP body/query/path extractors implementing the four-stage validation pipeline.
fetch_metadata
Fetch Metadata request validation middleware.
header_sanitize
CRLF injection prevention for HTTP header values.
headers
Security headers middleware.
id
Canonical ID types for domain identifiers.
limits
Configurable request limits to prevent resource exhaustion.
normalize
Input normalization: Unicode NFC, whitespace trimming, email case normalization.
safe_types
Type-safe input wrappers that reject dangerous values at construction time.
serde
Strict deserialization that rejects unknown fields.
validate
Secure validation trait and context.
xml
SecureXml<T> — axum extractor with XXE prevention.

Structs§

TenantId
A unique identifier for a tenant in a multi-tenant system.