{"id":22396978,"url":"https://github.com/atrox/tower-helmet","last_synced_at":"2025-08-23T19:03:46.365Z","repository":{"id":57664251,"uuid":"440953290","full_name":"Atrox/tower-helmet","owner":"Atrox","description":"tower-helmet helps you secure your tower server by setting various HTTP headers. It's not a silver bullet, but it can help!","archived":false,"fork":false,"pushed_at":"2024-01-29T21:37:11.000Z","size":29,"stargazers_count":4,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-11-07T13:17:59.831Z","etag":null,"topics":["helmet","http-headers","middleware","rust","rust-tower","security","tower"],"latest_commit_sha":null,"homepage":"https://crates.io/crates/tower-helmet","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Atrox.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-12-22T18:43:16.000Z","updated_at":"2023-11-14T03:45:03.000Z","dependencies_parsed_at":"2023-01-21T20:15:10.460Z","dependency_job_id":null,"html_url":"https://github.com/Atrox/tower-helmet","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Atrox%2Ftower-helmet","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Atrox%2Ftower-helmet/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Atrox%2Ftower-helmet/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Atrox%2Ftower-helmet/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Atrox","download_url":"https://codeload.github.com/Atrox/tower-helmet/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":228242556,"owners_count":17890481,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["helmet","http-headers","middleware","rust","rust-tower","security","tower"],"created_at":"2024-12-05T06:10:04.904Z","updated_at":"2024-12-05T06:10:05.828Z","avatar_url":"https://github.com/Atrox.png","language":"Rust","readme":"# tower-helmet\n\n[![Crates.io](https://img.shields.io/crates/v/tower-helmet)](https://crates.io/crates/tower-helmet)\n[![Documentation](https://docs.rs/tower-helmet/badge.svg)](https://docs.rs/tower-helmet)\n[![License](https://img.shields.io/crates/l/tower-helmet)](LICENSE)\n\nthis is still very **work in progress**\n\na port of the beautiful [helmet.js](https://github.com/helmetjs/helmet) in the javascript world.\n\n`tower-helmet` helps you secure your tower server by setting various HTTP headers. _It's not a silver bullet_, but it can help!\n\nYou can find a list of all available headers under the [header] module. By default (with [HelmetLayer::default]) **all of them** are enabled.\nPlease take a good look at [ContentSecurityPolicy]. Most of the time you will need to adapt this one to your needs.\n\n# Examples\n\n```rust\nuse tower_helmet::header::{ContentSecurityPolicy, ExpectCt, XFrameOptions};\nuse tower_helmet::HelmetLayer;\n\n// default layer with all security headers active\nlet layer = HelmetLayer::with_defaults();\n\n// default layer with customizations applied\nlet mut directives = HashMap::new();\ndirectives.insert(\"default-src\", vec![\"'self'\", \"https://example.com\"]);\ndirectives.insert(\"img-src\", vec![\"'self'\", \"data:\", \"https://example.com\"]);\ndirectives.insert(\"script-src\", vec![\"'self'\", \"'unsafe-inline'\", \"https://example.com\"]);\nlet csp = ContentSecurityPolicy {\n  directives,\n  ..Default::default()\n};\n\nlet layer = HelmetLayer::with_defaults().enable(csp);\n\n// completely blank layer, selectively enable and add headers\nlet layer = HelmetLayer::blank()\n  .enable(XFrameOptions::SameOrigin)\n  .enable(ExpectCt::default());\n```\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fatrox%2Ftower-helmet","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fatrox%2Ftower-helmet","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fatrox%2Ftower-helmet/lists"}