Expand description
§use-security-header
Web security header and browser-policy primitives for RustUse.
§Experimental
use-security-header is experimental while the use-security workspace remains below 0.3.0. Expect small API adjustments during the first release wave.
§Example
use use_security_header::{SecurityHeaderKind, SecurityHeaderName};
let name = SecurityHeaderName::new("Content-Security-Policy")?;
assert_eq!(name.as_str(), "Content-Security-Policy");
assert_eq!(SecurityHeaderKind::StrictTransportSecurity.header_name(), "Strict-Transport-Security");§Scope
- Security header names, categories, and directive labels.
- CSP, HSTS, referrer policy, frame options, CORS, and permissions policy metadata.
§Non-goals
- HTTP server or browser behavior.
- WAF behavior.
- Complete CSP or header parsing.
§License
Licensed under either of the following, at your option:
- Apache License, Version 2.0
- MIT license
Structs§
- Security
Header Name - A validated HTTP security header name.
Enums§
- Content
Security Policy Directive - Content Security Policy directive labels.
- Cors
Policy Kind - CORS policy labels.
- Frame
Options Kind - X-Frame-Options labels.
- Permissions
Policy Directive - Permissions policy directive labels.
- Referrer
Policy Kind - Referrer policy labels.
- Security
Header Kind - Security header categories.
- Security
Header Name Error - Error returned when a security header name is invalid.
- Security
Header Parse Error - Error returned when a security header label cannot be parsed.
- Transport
Security Directive - Strict-Transport-Security directive labels.