Skip to content

tristanfisher/cspheader

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
csp.go
csp.go
 
 
go.mod
go.mod
 
 
option.go
option.go
 
 
preset.go
preset.go
 
 
template.go
template.go
 
 

Repository files navigation

cspheader

This library aims to be a quality of life improvement when dealing with setting Content Security Policy headers in the Go programming language.

Usage

For a quick demo, import cspheader and output a default configuration:

...
headerMap, _ := cspheaders.SecurityOptionsReactJS().Load()
fmt.Println(headerMap)
...

/*
// don't mind the formatting, please:
map[
    Content-Security-Policy:
        script-src 'self' 'strict-dynamic'; 
        base-uri 'none'; 
        form-action 'self'; 
        frame-ancestors 'none'; 
        report-to default; 
        default-src 'none'; 
        style-src-attr 'self' 'unsafe-inline'; 
    Report-To:{"group":"default","max_age": 86400, "endpoints": [{"url":"/_/csp-reports" }]}
]
*/

From there, you can simply provide the key/value mappings to http.ResponseWriter's Header().Set()'s functionality.

development / contribution

Pull requests or GitHub issues are welcomed.

If you are creating a pull request, please include tests as well as a description of the problem being solved.

If you are opening a GitHub issue, please include any error messages steps to reproduce the issue you encountered.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

5 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

Bugfix and reduce strictness of default React configuration Latest
Jan 7, 2024

Packages

No packages published

Languages