Module http_types::security [−][src]
Expand description
HTTP Security Headers.
Specifications
Example
use http_types::{StatusCode, Response}; let mut res = Response::new(StatusCode::Ok); http_types::security::default(&mut res);
Structs
Build a Content-Security-Policy
header.
Define report-to
directive value
Define endpoints
for report-to
directive value
Specify origins that are allowed to see values via the Resource Timing API.
Enums
Set the frameguard level.
Set the Referrer-Policy level
Define source value
Functions
Apply a set of default protections.
Disable browsers’ DNS prefetching by setting the X-DNS-Prefetch-Control
header.
Mitigates clickjacking attacks by setting the X-Frame-Options
header.
Sets the Strict-Transport-Security
header to keep your users on HTTPS
.
Prevent browsers from trying to guess (“sniff”) the MIME type, which can have security implications.
Removes the X-Powered-By
header to make it slightly harder for attackers to see what
potentially-vulnerable technology powers your site.
Mitigates referrer leakage by controlling the referer[sic] header in links away from pages
Sets the X-XSS-Protection
header to prevent reflected XSS attacks.