github.com/adharshmk96/stk@v1.2.3/pkg/middleware/security.go

github.com/adharshmk96/stk@v1.2.3/pkg/middleware/security.go (about)

     1  package middleware
     2  
     3  import "github.com/adharshmk96/stk/gsk"
     4  
     5  func SecurityHeaders(next gsk.HandlerFunc) gsk.HandlerFunc {
     6  	return func(c *gsk.Context) {
     7  		headers := map[string]string{
     8  			"X-Content-Type-Options":            "nosniff",
     9  			"X-Frame-Options":                   "SAMEORIGIN",
    10  			"X-XSS-Protection":                  "1; mode=block",
    11  			"Referrer-Policy":                   "strict-origin-when-cross-origin",
    12  			"Content-Security-Policy":           "default-src 'self';",
    13  			"X-Permitted-Cross-Domain-Policies": "master-only",
    14  			"Strict-Transport-Security":         "max-age=31536000; includeSubDomains",
    15  		}
    16  
    17  		for key, value := range headers {
    18  			c.SetHeader(key, value)
    19  		}
    20  
    21  		next(c)
    22  	}
    23  }