Module gotham::middleware::security
source · Expand description
Security based middleware to handle security based sanitizations.
Prior to v0.3, this middleware was baked into responses by default. It has now been separated to allow optional usage. You can attach as a middleware at startup to include behaviour as was present before.
Currently this middleware will set the following headers:
- X-CONTENT-TYPE-OPTIONS: “nosniff”
- X-FRAME-OPTIONS: “DENY”
- X-XSS-PROTECTION: “1; mode=block”
More may be added in future, but these headers provide compatibility with previous versions of Gotham.
Structs
- Middleware binding for the Gotham security handlers.