rocket_contrib::helmet

Struct SpaceHelmet

pub struct SpaceHelmet { /* private fields */ }

A Fairing that adds HTTP headers to outgoing responses that control security features on the browser.

§Usage

To use SpaceHelmet, first construct an instance of it. To use the default set of headers, construct with SpaceHelmet::default(). For an instance with no preset headers, use SpaceHelmet::new(). To enable an additional header, use enable(), and to disable a header, use disable():

use rocket_contrib::helmet::SpaceHelmet;
use rocket_contrib::helmet::{XssFilter, ExpectCt};

// A `SpaceHelmet` with the default headers:
let helmet = SpaceHelmet::default();

// A `SpaceHelmet` with the default headers minus `XssFilter`:
let helmet = SpaceHelmet::default().disable::<XssFilter>();

// A `SpaceHelmet` with the default headers plus `ExpectCt`.
let helmet = SpaceHelmet::default().enable(ExpectCt::default());

// A `SpaceHelmet` with only `XssFilter` and `ExpectCt`.
let helmet = SpaceHelmet::new()
    .enable(XssFilter::default())
    .enable(ExpectCt::default());

Then, attach the instance of SpaceHelmet to your application’s instance of Rocket:

rocket::ignite()
    // ...
    .attach(helmet)

The fairing will inject all enabled headers into all outgoing responses unless the response already contains a header with the same name. If it does contain the header, a warning is emitted, and the header is not overwritten.
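
The merge rule just described, as an added std-only model (not Rocket's code and not part of the original documentation). The names inject, value_of and demo are hypothetical, and the header names and values are constructed sample data. It shows that a header a route has already set, even a weaker one, survives the fairing, which is why the warning deserves attention.

```rust
/// Adds each enabled (name, value) pair to `response` unless a header with
/// the same name is already present. Returns the names that were skipped,
/// i.e. the cases where the fairing would emit a warning.
pub fn inject(response: &mut Vec<(String, String)>, enabled: &[(&str, &str)]) -> Vec<String> {
    let mut skipped = Vec::new();
    for (name, value) in enabled {
        // HTTP header names are case-insensitive, so compare accordingly.
        if response.iter().any(|(n, _)| n.eq_ignore_ascii_case(name)) {
            skipped.push(name.to_string());
        } else {
            response.push((name.to_string(), value.to_string()));
        }
    }
    skipped
}

/// Looks up a header value by case-insensitive name.
pub fn value_of<'a>(response: &'a [(String, String)], name: &str) -> Option<&'a str> {
    response
        .iter()
        .find(|(n, _)| n.eq_ignore_ascii_case(name))
        .map(|(_, v)| v.as_str())
}

/// Constructed scenario: a route has already set its own X-XSS-Protection.
pub fn demo() -> (Vec<(String, String)>, Vec<String>) {
    let mut response = vec![
        ("Content-Type".to_string(), "text/html".to_string()),
        ("x-xss-protection".to_string(), "0".to_string()),
    ];
    let enabled = [
        ("X-XSS-Protection", "1"),
        ("X-Content-Type-Options", "nosniff"),
    ];
    let skipped = inject(&mut response, &enabled);
    (response, skipped)
}

fn main() {
    let (response, skipped) = demo();
    for (name, value) in &response {
        println!("{}: {}", name, value);
    }
    for name in &skipped {
        eprintln!("warning: response already sets {}; not overwritten", name);
    }
}
```
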

§TLS and HSTS

If TLS is configured and enabled when the application is launched in a non-development environment (e.g., staging or production), HSTS is automatically enabled with its default policy and a warning is issued.

To get rid of this warning, explicitly enable() an Hsts policy.

Implementations§

impl SpaceHelmet

pub fn new() -> Self

Returns an instance of SpaceHelmet with no headers enabled.

§Example
use rocket_contrib::helmet::SpaceHelmet;

let helmet = SpaceHelmet::new();

pub fn enable<P: Policy>(self, policy: P) -> Self

Enables the policy header policy.

If the policy was previously enabled, the configuration is replaced with that of policy.

§Example
use rocket_contrib::helmet::SpaceHelmet;
use rocket_contrib::helmet::NoSniff;

let helmet = SpaceHelmet::new().enable(NoSniff::default());

pub fn disable<P: Policy>(self) -> Self

Disables the policy header policy.

§Example
use rocket_contrib::helmet::SpaceHelmet;
use rocket_contrib::helmet::NoSniff;

let helmet = SpaceHelmet::default().disable::<NoSniff>();

pub fn is_enabled<P: Policy>(&self) -> bool

Returns true if the policy P is enabled.

§Example
use rocket_contrib::helmet::SpaceHelmet;
use rocket_contrib::helmet::{XssFilter, NoSniff, Frame};
use rocket_contrib::helmet::{Hsts, ExpectCt, Referrer};

let helmet = SpaceHelmet::default();

assert!(helmet.is_enabled::<XssFilter>());
assert!(helmet.is_enabled::<NoSniff>());
assert!(helmet.is_enabled::<Frame>());

assert!(!helmet.is_enabled::<Hsts>());
assert!(!helmet.is_enabled::<ExpectCt>());
assert!(!helmet.is_enabled::<Referrer>());

Trait Implementations§

impl Default for SpaceHelmet

fn default() -> Self

Returns a new SpaceHelmet instance. See the table for a description of the policies used by default.

§Example
use rocket_contrib::helmet::SpaceHelmet;

let helmet = SpaceHelmet::default();

impl Fairing for SpaceHelmet

fn info(&self) -> Info

Returns an Info structure containing the name and Kind of this fairing. The name can be any arbitrary string. Kind must be an or-ed set of Kind variants.

fn on_response(&self, _request: &Request<'_>, response: &mut Response<'_>)

The response callback.

fn on_launch(&self, rocket: &Rocket)

The launch callback.

fn on_attach(&self, rocket: Rocket) -> Result<Rocket, Rocket>

The attach callback. Returns Ok if launch should proceed and Err if launch should be aborted.

fn on_request(&self, request: &mut Request<'_>, data: &Data)

The request callback.

Auto Trait Implementations§

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T, I> AsResult<T, I> for T
where I: Input,

fn as_result(self) -> Result<T, ParseErr<I>>

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> IntoCollection<T> for T

fn into_collection<A>(self) -> SmallVec<A>
where A: Array<Item = T>,

Converts self into a collection.

fn mapped<U, F, A>(self, f: F) -> SmallVec<A>
where F: FnMut(T) -> U, A: Array<Item = U>,

impl<T> IntoSql for T

fn into_sql<T>(self) -> Self::Expression
where Self: Sized + AsExpression<T>,

Convert self to an expression for Diesel’s query builder.

fn as_sql<'a, T>(&'a self) -> <&'a Self as AsExpression<T>>::Expression
where &'a Self: AsExpression<T>,

Convert &self to an expression for Diesel’s query builder.

impl<T> Same for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Err = <U as TryFrom<T>>::Err

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Err>

impl<T> Typeable for T
where T: Any,

fn get_type(&self) -> TypeId

Get the TypeId of this object.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V