
systemprompt_api/services/middleware/
security_headers.rs

1use axum::extract::Request;
2use axum::http::HeaderValue;
3use axum::middleware::Next;
4use axum::response::Response;
5use systemprompt_models::profile::SecurityHeadersConfig;
6
/// Axum middleware that stamps the configured security headers onto a response.
///
/// The inner service runs first (`next.run`), and the headers are written onto
/// whatever response it produced. Each header is written with
/// `HeaderMap::insert`, which replaces any value of the same name that the
/// inner handler had already set, so a per-route `Content-Security-Policy` or
/// `X-Frame-Options` does not survive this layer.
///
/// Header values come from `config`. A value that `HeaderValue::from_str`
/// rejects is skipped and the response goes out without that header.
/// `Content-Security-Policy` is only written when
/// `config.content_security_policy` is `Some`.
pub async fn inject_security_headers(
    config: SecurityHeadersConfig,
    request: Request,
    next: Next,
) -> Response {
    let mut response = next.run(request).await;
    let header_map = response.headers_mut();

    // NOTE(review): a rejected value is dropped silently, so a typo in the
    // profile (for example a stray control character in the HSTS string)
    // disables that protection with no signal visible in this function.
    // Validating the config once at load time would surface it; confirm
    // whether that already happens where SecurityHeadersConfig is built.
    let mut apply = |name: &'static str, raw: &str| {
        if let Ok(parsed) = HeaderValue::from_str(raw) {
            header_map.insert(name, parsed);
        }
    };

    // Always-configured headers, written in the same order as before.
    apply("strict-transport-security", &config.hsts);
    apply("x-frame-options", &config.frame_options);
    apply("x-content-type-options", &config.content_type_options);
    apply("referrer-policy", &config.referrer_policy);
    apply("permissions-policy", &config.permissions_policy);

    // CSP is opt-in: with no policy configured, the header is not touched and
    // whatever the inner handler set (if anything) is left in place.
    if let Some(policy) = &config.content_security_policy {
        apply("content-security-policy", policy);
    }

    response
}