github.com/adharshmk96/stk@v1.2.3/pkg/middleware/security.go (about) 1 package middleware 2 3 import "github.com/adharshmk96/stk/gsk" 4 5 func SecurityHeaders(next gsk.HandlerFunc) gsk.HandlerFunc { 6 return func(c *gsk.Context) { 7 headers := map[string]string{ 8 "X-Content-Type-Options": "nosniff", 9 "X-Frame-Options": "SAMEORIGIN", 10 "X-XSS-Protection": "1; mode=block", 11 "Referrer-Policy": "strict-origin-when-cross-origin", 12 "Content-Security-Policy": "default-src 'self';", 13 "X-Permitted-Cross-Domain-Policies": "master-only", 14 "Strict-Transport-Security": "max-age=31536000; includeSubDomains", 15 } 16 17 for key, value := range headers { 18 c.SetHeader(key, value) 19 } 20 21 next(c) 22 } 23 }