defaultcspheader

package module

v0.0.1 Latest Latest Go to latest Published: Mar 12, 2023 License: MIT Imports: 3 Imported by: 0

README ¶

This is a traefik middleware plugin that adds a default CSP header on every upstream response without a CSP header.

This plugin implements the following behavior:

If any upstream traefik middleware or service set a Content-Security-Policy header in the response, this plugin does nothing.
Otherwise, this plugin set a default Content-Security-Policy header. You can provide the default Content-Security-Policy in the traefik configuration.

To configure this plugin you should add its static and dynamic configuration to the Traefik dynamic configuration as explained here.

You find an example for the static configuration and the dynamic configuration in the integration test.

You must set the plugin configuration in the runtime configuration of traefik.

Option	Required	Description
`defaultCSPHeader`	true	The `Content-Security-Policy` header value that is set on every http response, that does not contains a `Content-Security-Policy` header

View Source

const CSPHeaderKey = "Content-Security-Policy"

This section is empty.

func New(ctx context.Context, next http.Handler, config *Config, name string) (http.Handler, error)

type Config struct {
	DefaultCSPHeader string `json:"defaultCspHeader,omitempty"`
}

func CreateConfig() *Config

type DefaultCSPHeaderPlugin struct {
	// contains filtered or unexported fields
}

func (d *DefaultCSPHeaderPlugin) ServeHTTP(w http.ResponseWriter, r *http.Request)

ServeHTTP implements http.Handler

type MyResponseWriter struct {
	http.ResponseWriter
	DefaultCSPEntry string
}

func (m *MyResponseWriter) WriteHeader(statusCode int)