forked from ribice/gorsk-gin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
mw.go
29 lines (26 loc) 路 864 Bytes
/
mw.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
package mw
import (
"github.com/gin-gonic/gin"
)
// Add adds middlewares to gin engine
func Add(r *gin.Engine, h ...gin.HandlerFunc) {
for _, v := range h {
r.Use(v)
}
}
// SecureHeaders adds general security headers for basic security measures
func SecureHeaders() gin.HandlerFunc {
return func(c *gin.Context) {
// Protects from MimeType Sniffing
c.Header("X-Content-Type-Options", "nosniff")
// Prevents browser from prefetching DNS
c.Header("X-DNS-Prefetch-Control", "off")
// Denies website content to be served in an iframe
c.Header("X-Frame-Options", "DENY")
c.Header("Strict-Transport-Security", "max-age=5184000; includeSubDomains")
// Prevents Internet Explorer from executing downloads in site's context
c.Header("X-Download-Options", "noopen")
// Minimal XSS protection
c.Header("X-XSS-Protection", "1; mode=block")
}
}