github.com/traefik/yaegi@v0.15.1/_test/secure.gi (about)

     1  package main
     2  
     3  import (
     4  	"net/http"
     5  
     6  	"github.com/unrolled/secure" // or "gopkg.in/unrolled/secure.v1"
     7  )
     8  
     9  var myHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
    10  	w.Write([]byte("hello world"))
    11  })
    12  
    13  func main() {
    14  	secureMiddleware := secure.New(secure.Options{
    15  		AllowedHosts:          []string{"example.com", "ssl.example.com"},
    16  		HostsProxyHeaders:     []string{"X-Forwarded-Host"},
    17  		SSLRedirect:           true,
    18  		SSLHost:               "ssl.example.com",
    19  		SSLProxyHeaders:       map[string]string{"X-Forwarded-Proto": "https"},
    20  		STSSeconds:            315360000,
    21  		STSIncludeSubdomains:  true,
    22  		STSPreload:            true,
    23  		FrameDeny:             true,
    24  		ContentTypeNosniff:    true,
    25  		BrowserXssFilter:      true,
    26  		ContentSecurityPolicy: "script-src $NONCE",
    27  		PublicKey:             `pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubdomains; report-uri="https://www.example.com/hpkp-report"`,
    28  		IsDevelopment: false,
    29  	})
    30  
    31  	app := secureMiddleware.Handler(myHandler)
    32  	http.ListenAndServe("127.0.0.1:3000", app)
    33  }