Documentation
¶
Index ¶
- func AESEncrypt(data, key []byte) ([]byte, error)
- func Breaker() fiber.Handler
- func BuildCSP(cfg CSPConfig) string
- func CORS(cfg CORSConfig) fiber.Handler
- func CSRF(cfg CSRFConfig) fiber.Handler
- func ContentSecurity(key *rsa.PublicKey, strict bool) fiber.Handler
- func Cryption(key []byte) fiber.Handler
- func GenerateNonce() string
- func Gunzip() fiber.Handler
- func HeaderSanitize() fiber.Handler
- func JWT(cfg JWTConfig) fiber.Handler
- func Logger() fiber.Handler
- func MaxBytes(limit int) fiber.Handler
- func MaxConns(limit int) fiber.Handler
- func ParsePublicKey(pemStr string) (*rsa.PublicKey, error)
- func Prometheus() fiber.Handler
- func PrometheusHandler() fiber.Handler
- func RateLimit(cfg RateLimitConfig) fiber.Handler
- func Recovery() fiber.Handler
- func RegisterValidation(name string, input any)
- func SSE() fiber.Handler
- func SecurityHeaders(cfg SecurityHeadersConfig) fiber.Handler
- func Shedding() fiber.Handler
- func SignBody(key *rsa.PrivateKey, body []byte) (string, error)
- func Timeout(d time.Duration) fiber.Handler
- func Trace(cfg TraceConfig) fiber.Handler
- func ValidateInput(modelName string) fiber.Handler
- func WebSocket(handler func(*websocket.Conn)) fiber.Handler
- func WebSocketWithConfig(cfg WebSocketConfig, handler func(*websocket.Conn)) fiber.Handler
- type CORSConfig
- type CSPConfig
- type CSPLevel
- type CSRFConfig
- type JWTConfig
- type RateLimitConfig
- type RateLimitEntry
- type SSRFConfig
- type SafeHTTPClient
- type SecurityHeadersConfig
- type TraceConfig
- type WebSocketConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AESEncrypt ¶
func CORS ¶
func CORS(cfg CORSConfig) fiber.Handler
func CSRF ¶ added in v0.1.0
func CSRF(cfg CSRFConfig) fiber.Handler
func GenerateNonce ¶ added in v0.1.0
func GenerateNonce() string
GenerateNonce creates a CSP nonce (base64 random 32 bytes).
func HeaderSanitize ¶ added in v0.1.0
func Prometheus ¶
func PrometheusHandler ¶
func RateLimit ¶ added in v0.1.0
func RateLimit(cfg RateLimitConfig) fiber.Handler
func RegisterValidation ¶ added in v0.1.0
func SecurityHeaders ¶ added in v0.1.0
func SecurityHeaders(cfg SecurityHeadersConfig) fiber.Handler
func Trace ¶
func Trace(cfg TraceConfig) fiber.Handler
func ValidateInput ¶ added in v0.1.0
func WebSocketWithConfig ¶
func WebSocketWithConfig(cfg WebSocketConfig, handler func(*websocket.Conn)) fiber.Handler
Types ¶
type CORSConfig ¶
type CORSConfig struct {
AllowedOrigins string
AllowedMethods string
AllowedHeaders string
AllowCredentials bool
MaxAge int
}
func DefaultCORSConfig ¶
func DefaultCORSConfig() CORSConfig
type CSPConfig ¶ added in v0.1.0
type CSPConfig struct {
Level CSPLevel `json:"level,default=basic"`
DefaultSrc []string `json:"default_src,optional"`
ScriptSrc []string `json:"script_src,optional"`
StyleSrc []string `json:"style_src,optional"`
ImgSrc []string `json:"img_src,optional"`
ConnectSrc []string `json:"connect_src,optional"`
FontSrc []string `json:"font_src,optional"`
FrameSrc []string `json:"frame_src,optional"`
FrameAncestors []string `json:"frame_ancestors,optional"`
ObjectSrc []string `json:"object_src,optional"`
BaseURI []string `json:"base_uri,optional"`
FormAction []string `json:"form_action,optional"`
UpgradeInsecureReq bool `json:"upgrade_insecure_requests,optional"`
}
CSPConfig configures Content-Security-Policy generation.
type CSRFConfig ¶ added in v0.1.0
type CSRFConfig struct {
Enabled bool `json:"enabled,optional"`
CookieName string `json:"cookie_name,optional"`
HeaderName string `json:"header_name,optional"`
SameSite string `json:"same_site,optional"`
Secure bool `json:"secure,optional"`
ExcludePaths []string `json:"exclude_paths,optional"`
JSONCheck bool `json:"json_check,optional"`
}
type JWTConfig ¶
func DefaultJWTConfig ¶
func DefaultJWTConfig() JWTConfig
type RateLimitConfig ¶ added in v0.1.0
type RateLimitConfig struct {
Enabled bool `json:"enabled,optional"`
Driver string `json:"driver,default=memory"`
RedisURL string `json:"redis_url,optional"`
Global *RateLimitEntry `json:"global,optional"`
PerIP *RateLimitEntry `json:"per_ip,optional"`
PerUser *RateLimitEntry `json:"per_user,optional"`
}
type RateLimitEntry ¶ added in v0.1.0
type SSRFConfig ¶ added in v0.1.0
type SSRFConfig struct {
Enabled bool `json:"enabled"`
BlockPrivate bool `json:"block_private,optional"`
BlockLoopback bool `json:"block_loopback,optional"`
BlockMetadata bool `json:"block_metadata,optional"`
AllowedHosts []string `json:"allowed_hosts,optional"`
AllowAll bool `json:"allow_all,optional"`
}
type SafeHTTPClient ¶ added in v0.1.0
type SafeHTTPClient struct {
// contains filtered or unexported fields
}
SafeHTTPClient wraps an HTTP client with SSRF protection.
func NewSafeHTTPClient ¶ added in v0.1.0
func NewSafeHTTPClient(cfg SSRFConfig) *SafeHTTPClient
NewSafeHTTPClient creates an HTTP client protected against SSRF.
type SecurityHeadersConfig ¶ added in v0.1.0
type SecurityHeadersConfig struct {
FrameOptions string `json:"frame_options,optional"`
ReferrerPolicy string `json:"referrer_policy,optional"`
PermissionsPolicy string `json:"permissions_policy,optional"`
HSTS bool `json:"hsts,optional"`
HSTSMaxAge int `json:"hsts_max_age,optional"`
HSTSIncludeSubs bool `json:"hsts_include_subdomains,optional"`
CSP string `json:"csp,optional"`
COOP string `json:"coop,optional"`
COEP string `json:"coep,optional"`
CORP string `json:"corp,optional"`
CacheControl string `json:"cache_control,optional"`
CSPReportPath string `json:"csp_report_path,optional"`
}
type TraceConfig ¶
Click to show internal directories.
Click to hide internal directories.