[−][src]Struct http_types::security::ContentSecurityPolicy
Build a Content-Security-Policy
header.
Content-Security-Policy
(CSP) HTTP headers are used to prevent cross-site
injections. Read more
Examples
use http_types::{headers, security, Response, StatusCode}; let mut policy = security::ContentSecurityPolicy::new(); policy .default_src(security::Source::SameOrigin) .default_src("areweasyncyet.rs") .script_src(security::Source::SameOrigin) .script_src(security::Source::UnsafeInline) .object_src(security::Source::None) .base_uri(security::Source::None) .upgrade_insecure_requests(); let mut res = Response::new(StatusCode::Ok); res.set_body("Hello, Chashu!"); security::default(&mut res); policy.apply(&mut res); let name = headers::HeaderName::from_ascii("content-security-policy".to_owned().into_bytes()).unwrap(); let headers = res.header(&name).unwrap(); let header = headers.iter().next().unwrap(); assert_eq!(header, "base-uri 'none'; default-src 'self' areweasyncyet.rs; object-src 'none'; script-src 'self' 'unsafe-inline'; upgrade-insecure-requests");
Implementations
impl ContentSecurityPolicy
[src]
pub fn new() -> Self
[src]
Create a new instance.
pub fn base_uri<T: AsRef<str>>(&mut self, source: T) -> &mut Self
[src]
Defines the Content-Security-Policy base-uri
directive
pub fn block_all_mixed_content(&mut self) -> &mut Self
[src]
Defines the Content-Security-Policy block-all-mixed-content
directive
pub fn connect_src<T: AsRef<str>>(&mut self, source: T) -> &mut Self
[src]
Defines the Content-Security-Policy connect-src
directive
pub fn default_src<T: AsRef<str>>(&mut self, source: T) -> &mut Self
[src]
Defines the Content-Security-Policy default-src
directive
pub fn font_src<T: AsRef<str>>(&mut self, source: T) -> &mut Self
[src]
Defines the Content-Security-Policy font-src
directive
pub fn form_action<T: AsRef<str>>(&mut self, source: T) -> &mut Self
[src]
Defines the Content-Security-Policy form-action
directive
pub fn frame_ancestors<T: AsRef<str>>(&mut self, source: T) -> &mut Self
[src]
Defines the Content-Security-Policy frame-ancestors
directive
pub fn frame_src<T: AsRef<str>>(&mut self, source: T) -> &mut Self
[src]
Defines the Content-Security-Policy frame-src
directive
pub fn img_src<T: AsRef<str>>(&mut self, source: T) -> &mut Self
[src]
Defines the Content-Security-Policy img-src
directive
pub fn media_src<T: AsRef<str>>(&mut self, source: T) -> &mut Self
[src]
Defines the Content-Security-Policy media-src
directive
pub fn object_src<T: AsRef<str>>(&mut self, source: T) -> &mut Self
[src]
Defines the Content-Security-Policy object-src
directive
pub fn plugin_types<T: AsRef<str>>(&mut self, source: T) -> &mut Self
[src]
Defines the Content-Security-Policy plugin-types
directive
pub fn require_sri_for<T: AsRef<str>>(&mut self, source: T) -> &mut Self
[src]
Defines the Content-Security-Policy require-sri-for
directive
pub fn report_uri<T: AsRef<str>>(&mut self, uri: T) -> &mut Self
[src]
Defines the Content-Security-Policy report-uri
directive
pub fn report_to(&mut self, endpoints: Vec<ReportTo>) -> &mut Self
[src]
Defines the Content-Security-Policy report-to
directive
pub fn sandbox<T: AsRef<str>>(&mut self, source: T) -> &mut Self
[src]
Defines the Content-Security-Policy sandbox
directive
pub fn script_src<T: AsRef<str>>(&mut self, source: T) -> &mut Self
[src]
Defines the Content-Security-Policy script-src
directive
pub fn style_src<T: AsRef<str>>(&mut self, source: T) -> &mut Self
[src]
Defines the Content-Security-Policy style-src
directive
pub fn upgrade_insecure_requests(&mut self) -> &mut Self
[src]
Defines the Content-Security-Policy upgrade-insecure-requests
directive
pub fn worker_src<T: AsRef<str>>(&mut self, source: T) -> &mut Self
[src]
Defines the Content-Security-Policy worker-src
directive
pub fn report_only(&mut self) -> &mut Self
[src]
Change the header to Content-Security-Policy-Report-Only
pub fn apply(&mut self, headers: impl AsMut<Headers>)
[src]
Sets the Content-Security-Policy
(CSP) HTTP header to prevent cross-site injections
Trait Implementations
impl Clone for ContentSecurityPolicy
[src]
fn clone(&self) -> ContentSecurityPolicy
[src]
fn clone_from(&mut self, source: &Self)
1.0.0[src]
impl Debug for ContentSecurityPolicy
[src]
impl Default for ContentSecurityPolicy
[src]
fn default() -> Self
[src]
Sets the Content-Security-Policy default to "script-src 'self'; object-src 'self'"
impl Eq for ContentSecurityPolicy
[src]
impl PartialEq<ContentSecurityPolicy> for ContentSecurityPolicy
[src]
fn eq(&self, other: &ContentSecurityPolicy) -> bool
[src]
fn ne(&self, other: &ContentSecurityPolicy) -> bool
[src]
impl StructuralEq for ContentSecurityPolicy
[src]
impl StructuralPartialEq for ContentSecurityPolicy
[src]
Auto Trait Implementations
impl RefUnwindSafe for ContentSecurityPolicy
impl Send for ContentSecurityPolicy
impl Sync for ContentSecurityPolicy
impl Unpin for ContentSecurityPolicy
impl UnwindSafe for ContentSecurityPolicy
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> From<T> for T
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T> ToOwned for T where
T: Clone,
[src]
T: Clone,
type Owned = T
The resulting type after obtaining ownership.
fn to_owned(&self) -> T
[src]
fn clone_into(&self, target: &mut T)
[src]
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,