middleware

package
v0.1.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 1, 2026 License: MIT Imports: 34 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AESEncrypt

func AESEncrypt(data, key []byte) ([]byte, error)

func Breaker

func Breaker() fiber.Handler

func BuildCSP added in v0.1.0

func BuildCSP(cfg CSPConfig) string

BuildCSP generates a Content-Security-Policy string from config.

func CORS

func CORS(cfg CORSConfig) fiber.Handler

func CSRF added in v0.1.0

func CSRF(cfg CSRFConfig) fiber.Handler

func ContentSecurity

func ContentSecurity(key *rsa.PublicKey, strict bool) fiber.Handler

func Cryption

func Cryption(key []byte) fiber.Handler

func GenerateNonce added in v0.1.0

func GenerateNonce() string

GenerateNonce creates a CSP nonce (base64 random 32 bytes).

func Gunzip

func Gunzip() fiber.Handler

func HeaderSanitize added in v0.1.0

func HeaderSanitize() fiber.Handler

func JWT

func JWT(cfg JWTConfig) fiber.Handler

func Logger

func Logger() fiber.Handler

func MaxBytes

func MaxBytes(limit int) fiber.Handler

func MaxConns

func MaxConns(limit int) fiber.Handler

func ParsePublicKey

func ParsePublicKey(pemStr string) (*rsa.PublicKey, error)

func Prometheus

func Prometheus() fiber.Handler

func PrometheusHandler

func PrometheusHandler() fiber.Handler

func RateLimit added in v0.1.0

func RateLimit(cfg RateLimitConfig) fiber.Handler

func Recovery

func Recovery() fiber.Handler

func RegisterValidation added in v0.1.0

func RegisterValidation(name string, input any)

func SSE

func SSE() fiber.Handler

func SecurityHeaders added in v0.1.0

func SecurityHeaders(cfg SecurityHeadersConfig) fiber.Handler

func Shedding

func Shedding() fiber.Handler

func SignBody

func SignBody(key *rsa.PrivateKey, body []byte) (string, error)

func Timeout

func Timeout(d time.Duration) fiber.Handler

func Trace

func Trace(cfg TraceConfig) fiber.Handler

func ValidateInput added in v0.1.0

func ValidateInput(modelName string) fiber.Handler

func WebSocket

func WebSocket(handler func(*websocket.Conn)) fiber.Handler

func WebSocketWithConfig

func WebSocketWithConfig(cfg WebSocketConfig, handler func(*websocket.Conn)) fiber.Handler

Types

type CORSConfig

type CORSConfig struct {
	AllowedOrigins   string
	AllowedMethods   string
	AllowedHeaders   string
	AllowCredentials bool
	MaxAge           int
}

func DefaultCORSConfig

func DefaultCORSConfig() CORSConfig

type CSPConfig added in v0.1.0

type CSPConfig struct {
	Level              CSPLevel `json:"level" config:",default=basic"`
	DefaultSrc         []string `json:"default_src" config:",optional"`
	ScriptSrc          []string `json:"script_src" config:",optional"`
	StyleSrc           []string `json:"style_src" config:",optional"`
	ImgSrc             []string `json:"img_src" config:",optional"`
	ConnectSrc         []string `json:"connect_src" config:",optional"`
	FontSrc            []string `json:"font_src" config:",optional"`
	FrameSrc           []string `json:"frame_src" config:",optional"`
	FrameAncestors     []string `json:"frame_ancestors" config:",optional"`
	ObjectSrc          []string `json:"object_src" config:",optional"`
	BaseURI            []string `json:"base_uri" config:",optional"`
	FormAction         []string `json:"form_action" config:",optional"`
	UpgradeInsecureReq bool     `json:"upgrade_insecure_requests" config:",optional"`
}

CSPConfig configures Content-Security-Policy generation.

type CSPLevel added in v0.1.0

type CSPLevel string

CSPLevel defines pre-built CSP policies.

const (
	CSPLevelBasic  CSPLevel = "basic"
	CSPLevelStrict CSPLevel = "strict"
)

type CSRFConfig added in v0.1.0

type CSRFConfig struct {
	Enabled      bool     `json:"enabled" config:",optional"`
	CookieName   string   `json:"cookie_name" config:",optional"`
	HeaderName   string   `json:"header_name" config:",optional"`
	SameSite     string   `json:"same_site" config:",optional"`
	Secure       bool     `json:"secure" config:",optional"`
	ExcludePaths []string `json:"exclude_paths" config:",optional"`
	JSONCheck    bool     `json:"json_check" config:",optional"`
}

type JWTConfig

type JWTConfig struct {
	Secret      string
	PrevSecret  string
	ContextKey  string
	TokenLookup string
}

func DefaultJWTConfig

func DefaultJWTConfig() JWTConfig

type RateLimitConfig added in v0.1.0

type RateLimitConfig struct {
	Enabled  bool            `json:"enabled" config:",optional"`
	Driver   string          `json:"driver" config:",default=memory"`
	RedisURL string          `json:"redis_url" config:",optional"`
	Global   *RateLimitEntry `json:"global" config:",optional"`
	PerIP    *RateLimitEntry `json:"per_ip" config:",optional"`
	PerUser  *RateLimitEntry `json:"per_user" config:",optional"`
}

type RateLimitEntry added in v0.1.0

type RateLimitEntry struct {
	RequestsPerSecond int `json:"requests_per_second"`
	Burst             int `json:"burst"`
}

type SSRFConfig added in v0.1.0

type SSRFConfig struct {
	Enabled       bool     `json:"enabled"`
	BlockPrivate  bool     `json:"block_private" config:",optional"`
	BlockLoopback bool     `json:"block_loopback" config:",optional"`
	BlockMetadata bool     `json:"block_metadata" config:",optional"`
	AllowedHosts  []string `json:"allowed_hosts" config:",optional"`
	AllowAll      bool     `json:"allow_all" config:",optional"`
}

type SafeHTTPClient added in v0.1.0

type SafeHTTPClient struct {
	// contains filtered or unexported fields
}

SafeHTTPClient wraps an HTTP client with SSRF protection.

func NewSafeHTTPClient added in v0.1.0

func NewSafeHTTPClient(cfg SSRFConfig) *SafeHTTPClient

NewSafeHTTPClient creates an HTTP client protected against SSRF.

func (*SafeHTTPClient) Do added in v0.1.0

func (c *SafeHTTPClient) Do(req *http.Request) (*http.Response, error)

Do performs an HTTP request with SSRF validation.

type SecurityHeadersConfig added in v0.1.0

type SecurityHeadersConfig struct {
	FrameOptions      string `json:"frame_options" config:",optional"`
	ReferrerPolicy    string `json:"referrer_policy" config:",optional"`
	PermissionsPolicy string `json:"permissions_policy" config:",optional"`
	HSTS              bool   `json:"hsts" config:",optional"`
	HSTSMaxAge        int    `json:"hsts_max_age" config:",optional"`
	HSTSIncludeSubs   bool   `json:"hsts_include_subdomains" config:",optional"`
	CSP               string `json:"csp" config:",optional"`
	COOP              string `json:"coop" config:",optional"`
	COEP              string `json:"coep" config:",optional"`
	CORP              string `json:"corp" config:",optional"`
	CacheControl      string `json:"cache_control" config:",optional"`
	CSPReportPath     string `json:"csp_report_path" config:",optional"`
}

type TraceConfig

type TraceConfig struct {
	Name     string
	Endpoint string
	Sampler  float64
	Batcher  string
}

type WebSocketConfig

type WebSocketConfig struct {
	Origins          []string
	HandshakeTimeout time.Duration
	ReadBufferSize   int
	WriteBufferSize  int
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL