pub struct SpaceHelmet { /* private fields */ }
A `Fairing` that adds HTTP headers to outgoing responses that control security features on the browser.
§Usage
To use `SpaceHelmet`, first construct an instance of it. To use the default set of headers, construct with `SpaceHelmet::default()`. For an instance with no preset headers, use `SpaceHelmet::new()`. To enable an additional header, use `enable()`, and to disable a header, use `disable()`:
use rocket_contrib::helmet::SpaceHelmet;
use rocket_contrib::helmet::{XssFilter, ExpectCt};

// A `SpaceHelmet` with the default headers:
let helmet = SpaceHelmet::default();

// A `SpaceHelmet` with the default headers minus `XssFilter`:
let helmet = SpaceHelmet::default().disable::<XssFilter>();

// A `SpaceHelmet` with the default headers plus `ExpectCt`.
let helmet = SpaceHelmet::default().enable(ExpectCt::default());

// A `SpaceHelmet` with only `XssFilter` and `ExpectCt`: start from `new()`,
// which has no preset headers, so the other defaults are not included.
let helmet = SpaceHelmet::new()
    .enable(XssFilter::default())
    .enable(ExpectCt::default());
Then, attach the instance of `SpaceHelmet` to your application’s instance of `Rocket`:

rocket::ignite()
    // ...
    .attach(helmet)

The fairing will inject all enabled headers into all outgoing responses unless the response already contains a header with the same name. If it does contain the header, a warning is emitted, and the header is not overwritten.
§TLS and HSTS
If TLS is configured and enabled when the application is launched in a non-development environment (e.g., staging or production), HSTS is automatically enabled with its default policy and a warning is issued.
To get rid of this warning, explicitly `enable()` an `Hsts` policy.
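The injection rule from the Usage section and the HSTS launch behaviour above, as an added std-only Rust model (not Rocket's or rocket_contrib's code). `Helmet`, `on_launch`, `apply` and every header value are constructed for illustration; the point to take away is that a header already set on a response wins over the fairing's policy, so the warning is the only signal that a configured policy was not applied.

```rust
// Simplified std-only model of the rules above; not Rocket's implementation.
// `Helmet`, its methods and every header value here are constructed.
use std::collections::BTreeMap;

/// Enabled policies keyed by lowercase header name (names are case-insensitive).
pub struct Helmet { enabled: BTreeMap<String, String> }

impl Helmet {
    pub fn new() -> Self { Helmet { enabled: BTreeMap::new() } }

    /// Enabling an already-enabled policy replaces its configuration.
    pub fn enable(mut self, name: &str, value: &str) -> Self {
        self.enabled.insert(name.to_ascii_lowercase(), value.to_string());
        self
    }

    /// Launch: with TLS on outside development, HSTS is enabled with a default
    /// policy unless one was enabled explicitly; the warning is returned.
    pub fn on_launch(&mut self, tls: bool, development: bool) -> Option<String> {
        let key = "strict-transport-security";
        if tls && !development && !self.enabled.contains_key(key) {
            self.enabled.insert(key.into(), "max-age=31536000".into()); // constructed
            return Some("HSTS auto-enabled; enable an Hsts policy explicitly".into());
        }
        None
    }

    /// Response: add each enabled header unless one with the same name is
    /// already present; then keep the existing value and record a warning.
    pub fn apply(&self, response: &mut Vec<(String, String)>) -> Vec<String> {
        let mut warnings = Vec::new();
        for (name, value) in &self.enabled {
            if response.iter().any(|(n, _)| n.eq_ignore_ascii_case(name)) {
                warnings.push(format!("{} already set; not overwritten", name));
            } else {
                response.push((name.clone(), value.clone()));
            }
        }
        warnings
    }
}

fn main() {
    let mut helmet = Helmet::new().enable("X-Frame-Options", "SAMEORIGIN");
    println!("launch warning: {:?}", helmet.on_launch(true, false));
    // Constructed response whose handler already set its own framing header.
    let mut resp = vec![("X-Frame-Options".to_string(), "DENY".to_string())];
    let warnings = helmet.apply(&mut resp);
    println!("{:?}\n{:?}", warnings, resp);
}
```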
Implementations§
impl SpaceHelmet
pub fn new() -> Self
Returns an instance of `SpaceHelmet` with no headers enabled.
§Example
use rocket_contrib::helmet::SpaceHelmet;
let helmet = SpaceHelmet::new();
pub fn enable<P: Policy>(self, policy: P) -> Self
Enables the policy header `policy`.
If the policy was previously enabled, the configuration is replaced with that of `policy`.
§Example
use rocket_contrib::helmet::SpaceHelmet;
use rocket_contrib::helmet::NoSniff;
let helmet = SpaceHelmet::new().enable(NoSniff::default());
pub fn disable<P: Policy>(self) -> Self
Disables the policy header `policy`.
§Example
use rocket_contrib::helmet::SpaceHelmet;
use rocket_contrib::helmet::NoSniff;
let helmet = SpaceHelmet::default().disable::<NoSniff>();
pub fn is_enabled<P: Policy>(&self) -> bool
Returns `true` if the policy `P` is enabled.
§Example
use rocket_contrib::helmet::SpaceHelmet;
use rocket_contrib::helmet::{XssFilter, NoSniff, Frame};
use rocket_contrib::helmet::{Hsts, ExpectCt, Referrer};
let helmet = SpaceHelmet::default();
assert!(helmet.is_enabled::<XssFilter>());
assert!(helmet.is_enabled::<NoSniff>());
assert!(helmet.is_enabled::<Frame>());
assert!(!helmet.is_enabled::<Hsts>());
assert!(!helmet.is_enabled::<ExpectCt>());
assert!(!helmet.is_enabled::<Referrer>());
Trait Implementations§
impl Default for SpaceHelmet
impl Fairing for SpaceHelmet
fn on_response(&self, _request: &Request<'_>, response: &mut Response<'_>)
Auto Trait Implementations§
impl !Freeze for SpaceHelmet
impl !RefUnwindSafe for SpaceHelmet
impl Send for SpaceHelmet
impl Sync for SpaceHelmet
impl Unpin for SpaceHelmet
impl !UnwindSafe for SpaceHelmet
Blanket Implementations§
impl<T> BorrowMut<T> for T
where
    T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
impl<T> IntoCollection<T> for T
impl<T> IntoSql for T
fn into_sql<T>(self) -> Self::Expression
where
    Self: Sized + AsExpression<T>,
Convert `self` to an expression for Diesel’s query builder.
fn as_sql<'a, T>(&'a self) -> <&'a Self as AsExpression<T>>::Expression
where
    &'a Self: AsExpression<T>,
Convert `&self` to an expression for Diesel’s query builder.