middleware

package
v1.11.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 19, 2023 License: MIT Imports: 24 Imported by: 13

Documentation

Index

Constants

View Source 
const DefaultPProfPath = "/_/pprof"

DefaultPProfPath ...

View Source 
const DefaultRuntimePath = "/_/runtime"

DefaultRuntimePath ...

Variables

View Source 
var DefaultHelmetConfig = &HelmetConfig{
	XSSProtection:                 "0",
	ContentTypeNosniff:            "nosniff",
	XFrameOptions:                 "SAMEORIGIN",
	HSTSMaxAge:                    0,
	HSTSExcludeSubdomains:         false,
	ContentSecurityPolicy:         "",
	CSPReportOnly:                 false,
	HSTSPreloadEnabled:            false,
	ReferrerPolicy:                "ReferrerPolicy",
	PermissionsPolicy:             "",
	CrossOriginEmbedderPolicy:     "require-corp",
	CrossOriginOpenerPolicy:       "same-origin",
	CrossOriginResourcePolicy:     "same-origin",
	OriginAgentCluster:            "?1",
	XDNSPrefetchControl:           "off",
	XDownloadOptions:              "noopen",
	XPermittedCrossDomainPolicies: "none",
}

DefaultHelmetConfig is the default helmet config

Functions

func AuthServer added in v1.8.10 

func AuthServer(cfg *AuthServerConfig) zoox.Middleware

AuthServer is a middleware that authenticates via Auth Server.

func BasicAuth 

func BasicAuth(realm string, credentials map[string]string) zoox.Middleware

BasicAuth is a middleware that authenticates via Basic Auth.

func BearerToken added in v1.8.5 

func BearerToken(tokens []string) zoox.Middleware

BearerToken is a middleware that authenticates via Bearer Token.

func CORS added in v1.0.20 

func CORS(cfg ...*CorsConfig) zoox.Middleware

CORS is a middleware for handling CORS (Cross-Origin Resource Sharing)

func CacheControl added in v1.8.3 

func CacheControl(cfg *CacheControlConfig) zoox.Middleware

CacheControl is a middleware that adds a "Cache-Control" header to the request.

func Gzip added in v1.3.0 

func Gzip(cfg ...*GzipConfig) zoox.Middleware

Gzip is a gzip moddleware for zoox.

func HealthCheck 

func HealthCheck(path ...string) zoox.Middleware

HealthCheck is a middleware that checks the health of the application.

func Helmet added in v1.10.13 

func Helmet(cfg *HelmetConfig) zoox.Middleware

Helmet is a middleware that adds some security response headers.

func Jwt added in v1.0.25 

func Jwt() zoox.Middleware

Jwt is a middleware that authenticates via JWT.

func Logger 

func Logger() zoox.Middleware

Logger is a middleware that logs the request as it goes through the handler.

func PProf added in v1.10.8 

func PProf() zoox.Middleware

PProf ...

func Proxy added in v1.2.9 

func Proxy(fn func(cfg *ProxyConfig, ctx *zoox.Context) (next bool, err error)) zoox.Middleware

Proxy is a middleware that proxies the request.

func ProxyGroups added in v1.10.10 

func ProxyGroups(cfg *ProxyGroupsConfig) zoox.Middleware

ProxyGroups is a middleware that proxies the request to the backend service.

func RateLimit added in v1.2.17 

func RateLimit(cfg *RateLimitConfig) zoox.Middleware

RateLimit middleware for zoox

func RealIP 

func RealIP() zoox.Middleware

RealIP is a middleware that adds a "X-Real-IP" header to the request.

func Recovery 

func Recovery() zoox.Middleware

Recovery is the recovery middleware

func RequestID added in v1.1.2 

func RequestID() zoox.Middleware

RequestID is a middleware that adds a request ID to the context.

func Rewrite added in v1.0.20 

func Rewrite(cfg ...*RewriteConfig) zoox.Middleware

Rewrite is a middleware that rewrites the request path.

func Runtime added in v1.10.8 

func Runtime() zoox.Middleware

Runtime ...

func Timeout 

func Timeout(timeout time.Duration) zoox.Middleware

Timeout is a middleware that sets a timeout for the request.

Types

type AuthServerConfig added in v1.8.10 

type AuthServerConfig struct {
	Server string `json:"server"`
}

AuthServerConfig ...

type CacheControlConfig added in v1.8.3 

type CacheControlConfig struct {
	Paths  []string
	MaxAge time.Duration
	//
	Items []*CacheControlItem
}

CacheControlConfig ...

type CacheControlItem added in v1.8.3 

type CacheControlItem struct {
	Path   regexp.RegExp
	MaxAge time.Duration
}

CacheControlItem ...

type CorsConfig added in v1.0.20 

type CorsConfig struct {
	IgnoreFunc       func(ctx *zoox.Context) bool
	AllowOrigins     []string
	AllowOriginFunc  func(origin string) bool
	AllowMethods     []string
	AllowHeaders     []string
	AllowCredentials bool
	MaxAge           int64
	ExposeHeaders    []string
}

CorsConfig is the configuration for the CORS middleware.

func DefaultCorsConfig added in v1.0.20 

func DefaultCorsConfig() *CorsConfig

DefaultCorsConfig is the default CORS configuration.

type GzipConfig added in v1.3.0 

type GzipConfig struct {
	Level int
	// Options  gzip.Options
	OptionFn gzip.Option
}

GzipConfig is the configuration for gzip middleware.

type HelmetConfig added in v1.10.13 

type HelmetConfig struct {
	// Next defines a function to skip this middleware when returned true.
	// Optional. Default: nil
	Next func(*zoox.Context) bool

	// XSSProtection adds some protection against cross site scripting (XSS) attacks
	// Optional. Default value "0"
	XSSProtection string

	// ContentTypeNosniff prevents the browser from doing MIME-type sniffing
	// Optional. Default value "nosniff"
	ContentTypeNosniff string

	// XFrameOptions can be used to indicate whether or not a browser should be allowed to render a page in a <frame>, <iframe> or <object> .
	// Optional. Default value "SAMEORIGIN"
	// Possible values: "SAMEORIGIN", "DENY", "ALLOW-FROM uri"
	XFrameOptions string

	// HSTSMaxAge sets the Strict-Transport-Security header to indicate how long (in seconds) browsers should remember that this site is only to be accessed using HTTPS
	// Optional. Default value 0
	HSTSMaxAge int

	// HSTSExcludeSubdomains excludes subdomains from the Strict-Transport-Security header
	HSTSExcludeSubdomains bool

	// ContentSecurityPolicy sets the Content-Security-Policy header to help prevent cross-site scripting attacks and other cross-site injections
	// Optional. Default value ""
	ContentSecurityPolicy string

	// CSPReportOnly sets the Content-Security-Policy-Report-Only header
	// Optional. Default value false
	CSPReportOnly bool

	// HSTSPreloadEnabled adds the preload directive to the Strict-Transport-Security header
	// Optional. Default value false
	HSTSPreloadEnabled bool

	// ReferrerPolicy sets the Referrer-Policy header to indicate which referrer information should be included with requests made
	// Optional. Default value "ReferrerPolicy"
	ReferrerPolicy string

	// Permissions-Policy sets the Permissions-Policy header to indicate which features are allowed to be used
	// Optional. Default value ""
	PermissionsPolicy string

	// Cross-Origin-Embedder-Policy sets the Cross-Origin-Embedder-Policy header to indicate whether a resource should be loaded as part of a document
	// Optional. Default value ""require-corp"
	CrossOriginEmbedderPolicy string

	// Cross-Origin-Opener-Policy sets the Cross-Origin-Opener-Policy header to indicate whether a resource should be opened in the same browsing context as the document
	// Optional. Default value "same-origin"
	CrossOriginOpenerPolicy string

	// Cross-Origin-Resource-Policy sets the Cross-Origin-Resource-Policy header to indicate whether a resource should be shared cross-origin
	// Optional. Default value "same-origin"
	CrossOriginResourcePolicy string

	// Origin-Agent-Cluster sets the Origin-Agent-Cluster header to indicate whether a resource should be shared cross-origin
	// Optional. Default value "?1"
	OriginAgentCluster string

	// X-DNS-Prefetch-Control sets the X-DNS-Prefetch-Control header to control DNS prefetching
	// Optional. Default value "off"
	XDNSPrefetchControl string

	// X-Download-Options sets the X-Download-Options header to prevent Internet Explorer from executing downloads in your site’s context
	// Optional. Default value "noopen"
	XDownloadOptions string

	// X-Permitted-Cross-Domain-Policies sets the X-Permitted-Cross-Domain-Policies header to indicate whether a resource should be shared cross-origin
	// Optional. Default value "none"
	XPermittedCrossDomainPolicies string
}

HelmetConfig defines the helmet config

type ProxyConfig added in v1.2.9 

type ProxyConfig struct {
	// internal proxy config
	proxy.SingleHostConfig

	// target url
	Target string
}

ProxyConfig defines the proxy config

type ProxyGroupRewrite added in v1.3.14 

type ProxyGroupRewrite struct {
	Name    string       `yaml:"name" json:"name"`
	RegExp  string       `yaml:"regexp" json:"regexp"`
	Rewrite ProxyRewrite `yaml:"rewrite" json:"rewrite"`
}

ProxyGroupRewrite is a group of proxy rewrites

type ProxyGroupRewrites added in v1.3.14 

type ProxyGroupRewrites []ProxyGroupRewrite

ProxyGroupRewrites is a list of rewrite rules

type ProxyGroupsConfig added in v1.10.10 

type ProxyGroupsConfig struct {
	// Rewrites map[string]ProxyRewrite
	Rewrites ProxyGroupRewrites `yaml:"rewrites" json:"rewrites"`
}

ProxyGroupsConfig is the config of proxy middlewares

type ProxyRewrite added in v1.2.9 

type ProxyRewrite struct {
	Target   string            `yaml:"target" json:"target"`
	Rewrites ProxyRewriteRules `yaml:"rewrites" json:"rewrites"`
}

ProxyRewrite ...

type ProxyRewriteRules added in v1.3.14 

type ProxyRewriteRules = rewriter.Rewriters

ProxyRewriteRules ...

type RateLimitConfig added in v1.2.17 

type RateLimitConfig struct {
	Period time.Duration
	Limit  int64
	//
	Namespace string
	//
	RedisHost     string
	RedisPort     int
	RedisDB       int
	RedisPassword string
}

RateLimitConfig ...

type RewriteConfig added in v1.0.20 

type RewriteConfig struct {
	Rewrites rewriter.Rewriters
}

RewriteConfig is the configuration for the Rewrite middleware.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.