Documentation
¶
Index ¶
- func AESEncrypt(data, key []byte) ([]byte, error)
- func Breaker() fiber.Handler
- func BuildCSP(cfg CSPConfig) string
- func CORS(cfg CORSConfig) fiber.Handler
- func CSRF(cfg CSRFConfig) fiber.Handler
- func ContentSecurity(key *rsa.PublicKey, strict bool) fiber.Handler
- func Cryption(key []byte) fiber.Handler
- func GenerateNonce() string
- func Gunzip() fiber.Handler
- func HeaderSanitize() fiber.Handler
- func JWT(cfg JWTConfig) fiber.Handler
- func Logger() fiber.Handler
- func MaxBytes(limit int) fiber.Handler
- func MaxConns(limit int) fiber.Handler
- func ParsePublicKey(pemStr string) (*rsa.PublicKey, error)
- func Prometheus() fiber.Handler
- func PrometheusHandler() fiber.Handler
- func RateLimit(cfg RateLimitConfig) fiber.Handler
- func Recovery() fiber.Handler
- func RegisterValidation(name string, input any)
- func SSE() fiber.Handler
- func SecurityHeaders(cfg SecurityHeadersConfig) fiber.Handler
- func Shedding() fiber.Handler
- func SignBody(key *rsa.PrivateKey, body []byte) (string, error)
- func Timeout(d time.Duration) fiber.Handler
- func Trace(cfg TraceConfig) fiber.Handler
- func ValidateInput(modelName string) fiber.Handler
- func WebSocket(handler func(*websocket.Conn)) fiber.Handler
- func WebSocketWithConfig(cfg WebSocketConfig, handler func(*websocket.Conn)) fiber.Handler
- type CORSConfig
- type CSPConfig
- type CSPLevel
- type CSRFConfig
- type JWTConfig
- type RateLimitConfig
- type RateLimitEntry
- type SSRFConfig
- type SafeHTTPClient
- type SecurityHeadersConfig
- type TraceConfig
- type WebSocketConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AESEncrypt ¶
func CORS ¶
func CORS(cfg CORSConfig) fiber.Handler
func CSRF ¶ added in v0.1.0
func CSRF(cfg CSRFConfig) fiber.Handler
func GenerateNonce ¶ added in v0.1.0
func GenerateNonce() string
GenerateNonce creates a CSP nonce (base64 random 32 bytes).
func HeaderSanitize ¶ added in v0.1.0
func Prometheus ¶
func PrometheusHandler ¶
func RateLimit ¶ added in v0.1.0
func RateLimit(cfg RateLimitConfig) fiber.Handler
func RegisterValidation ¶ added in v0.1.0
func SecurityHeaders ¶ added in v0.1.0
func SecurityHeaders(cfg SecurityHeadersConfig) fiber.Handler
func Trace ¶
func Trace(cfg TraceConfig) fiber.Handler
func ValidateInput ¶ added in v0.1.0
func WebSocketWithConfig ¶
func WebSocketWithConfig(cfg WebSocketConfig, handler func(*websocket.Conn)) fiber.Handler
Types ¶
type CORSConfig ¶
type CORSConfig struct {
AllowedOrigins string
AllowedMethods string
AllowedHeaders string
AllowCredentials bool
MaxAge int
}
func DefaultCORSConfig ¶
func DefaultCORSConfig() CORSConfig
type CSPConfig ¶ added in v0.1.0
type CSPConfig struct {
Level CSPLevel `json:"level" config:",default=basic"`
DefaultSrc []string `json:"default_src" config:",optional"`
ScriptSrc []string `json:"script_src" config:",optional"`
StyleSrc []string `json:"style_src" config:",optional"`
ImgSrc []string `json:"img_src" config:",optional"`
ConnectSrc []string `json:"connect_src" config:",optional"`
FontSrc []string `json:"font_src" config:",optional"`
FrameSrc []string `json:"frame_src" config:",optional"`
FrameAncestors []string `json:"frame_ancestors" config:",optional"`
ObjectSrc []string `json:"object_src" config:",optional"`
BaseURI []string `json:"base_uri" config:",optional"`
FormAction []string `json:"form_action" config:",optional"`
UpgradeInsecureReq bool `json:"upgrade_insecure_requests" config:",optional"`
}
CSPConfig configures Content-Security-Policy generation.
type CSRFConfig ¶ added in v0.1.0
type CSRFConfig struct {
Enabled bool `json:"enabled" config:",optional"`
CookieName string `json:"cookie_name" config:",optional"`
HeaderName string `json:"header_name" config:",optional"`
SameSite string `json:"same_site" config:",optional"`
Secure bool `json:"secure" config:",optional"`
ExcludePaths []string `json:"exclude_paths" config:",optional"`
JSONCheck bool `json:"json_check" config:",optional"`
}
type JWTConfig ¶
type JWTConfig struct {
Secret string
PrevSecret string
ContextKey string
TokenLookup string
Algorithm string
Issuer string
Audience string
}
func DefaultJWTConfig ¶
func DefaultJWTConfig() JWTConfig
type RateLimitConfig ¶ added in v0.1.0
type RateLimitConfig struct {
Enabled bool `json:"enabled" config:",optional"`
Driver string `json:"driver" config:",default=memory"`
RedisURL string `json:"redis_url" config:",optional"`
Global *RateLimitEntry `json:"global" config:",optional"`
PerIP *RateLimitEntry `json:"per_ip" config:",optional"`
PerUser *RateLimitEntry `json:"per_user" config:",optional"`
}
type RateLimitEntry ¶ added in v0.1.0
type SSRFConfig ¶ added in v0.1.0
type SSRFConfig struct {
Enabled bool `json:"enabled"`
BlockPrivate bool `json:"block_private" config:",optional"`
BlockLoopback bool `json:"block_loopback" config:",optional"`
BlockMetadata bool `json:"block_metadata" config:",optional"`
AllowedHosts []string `json:"allowed_hosts" config:",optional"`
AllowAll bool `json:"allow_all" config:",optional"`
}
type SafeHTTPClient ¶ added in v0.1.0
type SafeHTTPClient struct {
// contains filtered or unexported fields
}
SafeHTTPClient wraps an HTTP client with SSRF protection.
func NewSafeHTTPClient ¶ added in v0.1.0
func NewSafeHTTPClient(cfg SSRFConfig) *SafeHTTPClient
NewSafeHTTPClient creates an HTTP client protected against SSRF.
type SecurityHeadersConfig ¶ added in v0.1.0
type SecurityHeadersConfig struct {
FrameOptions string `json:"frame_options" config:",optional"`
ReferrerPolicy string `json:"referrer_policy" config:",optional"`
PermissionsPolicy string `json:"permissions_policy" config:",optional"`
HSTS bool `json:"hsts" config:",optional"`
HSTSMaxAge int `json:"hsts_max_age" config:",optional"`
HSTSIncludeSubs bool `json:"hsts_include_subdomains" config:",optional"`
CSP string `json:"csp" config:",optional"`
COOP string `json:"coop" config:",optional"`
COEP string `json:"coep" config:",optional"`
CORP string `json:"corp" config:",optional"`
CacheControl string `json:"cache_control" config:",optional"`
CSPReportPath string `json:"csp_report_path" config:",optional"`
}
type TraceConfig ¶
Click to show internal directories.
Click to hide internal directories.