Trait Policy

pub trait Policy:
    Default
    + Send
    + Sync
    + 'static {
    const NAME: &'static str;

    // Required method
    fn header(&self) -> Header<'static>;
}

Trait implemented by security and privacy policy headers.

Types that implement this trait can be enable()d and disable()d on instances of Shield.

Required Associated Constants

const NAME: &'static str

The actual name of the HTTP header.

This name must uniquely identify the header as it is used to determine whether two implementations of Policy are for the same header. Use the real HTTP header’s name.

Example

use rocket::shield::Policy;

#[derive(Default)]
struct MyPolicy;

impl Policy for MyPolicy {
    const NAME: &'static str = "X-My-Policy";
}

Required Methods

fn header(&self) -> Header<'static>

Returns the Header to attach to all outgoing responses.

Example

use rocket::http::Header;
use rocket::shield::Policy;

#[derive(Default)]
struct MyPolicy;

impl Policy for MyPolicy {
    fn header(&self) -> Header<'static> {
        Header::new(Self::NAME, "value-to-enable")
    }
}

Dyn Compatibility

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.

Implementors

impl Policy for ExpectCt

const NAME: &'static str = "Expect-CT"

impl Policy for Frame

const NAME: &'static str = "X-Frame-Options"

impl Policy for Hsts

const NAME: &'static str = "Strict-Transport-Security"

impl Policy for NoSniff

const NAME: &'static str = "X-Content-Type-Options"

impl Policy for Prefetch

const NAME: &'static str = "X-DNS-Prefetch-Control"

impl Policy for Referrer

const NAME: &'static str = "Referrer-Policy"

impl Policy for XssFilter

const NAME: &'static str = "X-XSS-Protection"

impl Policy for Permission

const NAME: &'static str = "Permissions-Policy"