https://github.com/danielkov/rust-helmet

HTTP security headers middleware for multiple Rust web frameworks
https://github.com/danielkov/rust-helmet

Last synced: about 1 year ago
JSON representation

HTTP security headers middleware for multiple Rust web frameworks

• Host: GitHub
• URL: https://github.com/danielkov/rust-helmet
• Owner: danielkov
• Created: 2023-12-30T01:01:48.000Z (over 2 years ago)
• Default Branch: master
• Last Pushed: 2025-04-02T15:45:11.000Z (about 1 year ago)
• Last Synced: 2025-05-10T06:48:05.757Z (about 1 year ago)
• Language: Rust
• Homepage:
• Size: 128 KB
• Stars: 7
• Watchers: 1
• Forks: 2
• Open Issues: 2
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# Rust Helmet

A security middleware library for popular Rust web frameworks.

## Packages

- `ntex-helmet` is a security middleware for the `ntex` web framework.

- `actix-web-helmet` is a security middleware for the `actix-web` web framework.

- `rocket-helmet` is a security middleware for the `rocket` web framework. **_Coming Soon_**

- `warp-helmet` is a security middleware for the `warp` web framework. **_Coming Soon_**

- `axum-helmet` is a security middleware for the `axum` web framework.

- `helmet-core` is the core library that the other packages are built on. It can be used to build a security middleware for any web framework.

It works by setting HTTP headers for you. These headers can help protect your app from some well-known web vulnerabilities:

- [Cross-Origin-Embedder-Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Embedder-Policy)

- [Cross-Origin-Opener-Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy)

- [Cross-Origin-Resource-Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Resource-Policy)

- [Origin-Agent-Cluster](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin-Agent-Cluster)

- [Referrer-Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy)

- [Strict-Transport-Security](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security)

- [X-Content-Type-Options](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options)

- [X-DNS-Prefetch-Control](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control)

- [X-Download-Options]()

- [X-Frame-Options](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options)

- [X-Permitted-Cross-Domain-Policies](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Permitted-Cross-Domain-Policies)

- [X-XSS-Protection](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection)

- [X-Powered-By](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Powered-By)

- [Content-Security-Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy)