libcex  1.0.0
Modern C++11 embedded webserver library
security.hpp
Go to the documentation of this file.
1 //*************************************************************************
2 // File security.hpp
3 // Date 07.05.2018 - #1
4 // Copyright (c) 2018-2018 by Patrick Fial
5 //-------------------------------------------------------------------------
6 // Security functions
7 // Middleware that sets a crapload of security related HTTP headers
8 //*************************************************************************
9 
10 #ifndef __SECURITY_HPP__
11 #define __SECURITY_HPP__
12 
26 //***************************************************************************
27 // includes
28 //***************************************************************************
29 
30 #include <string>
31 #include <core.hpp>
32 
33 namespace cex
34 {
35 
36 //**************************************************************************
37 // Middlewares
38 //***************************************************************************
39 // Security
40 //***************************************************************************
41 
44 enum XFrame
45 {
46  xfUnknown= na,
47 
48  xfDeny,
49  xfSameOrigin,
50  xfFrom
51 };
52 
55 enum Referer
56 {
57  refUnknown= na,
58 
59  refNoReferrer,
60  refNoReferrerWhenDowngrade,
61  refSameOrigin,
62  refOrigin,
63  refStrictOrigin,
64  refOriginWhenCrossOrigin,
65  refStrictOriginWhenCrossOrigin,
66  refUnsafeUrl
67 };
68 
105 struct SecurityOptions
106 {
107  SecurityOptions();
108 
109  int noDNSPrefetch;
110  bool ieNoOpen;
111  bool disableCache;
117  bool noSniff;
118  int referrer;
132  bool xssProtection;
135  // X-Frame-Options
136 
137  XFrame xFrameAllow;
146  std::string xFrameFrom;
148  // Strict Transport Security
149 
150  int stsMaxAge;
151  bool stsIncludeSubDomains;
152  bool stsPreload;
154  // HTTP Public Key Pinning
155 
156  int hpkpMaxAge;
159  std::vector<std::string> hpkpKeys;
161  bool hpkpIncludeSubDomains;
162  std::string hpkpReportUri;
163 };
164 
168 MiddlewareFunction securityHeaders(std::shared_ptr<SecurityOptions> opts= nullptr);
169 
170 //***************************************************************************
171 } // namespace cex
172 
173 #endif // __SECURITY_HPP_
cex::Referer
Referer
Referer header options / variants.
Definition: security.hpp:55
cex::SecurityOptions::hpkpReportUri
std::string hpkpReportUri
If the HPKP header is set, adds the report-uri option, if the string is non-empty (default: empty)
Definition: security.hpp:162
cex::SecurityOptions::noDNSPrefetch
int noDNSPrefetch
If > -1, sets the X-DNS-Prefetch-Control header to on (1) or off (0) (default: 1)
Definition: security.hpp:109
cex::XFrame
XFrame
X-Frame header options / variants.
Definition: security.hpp:44
cex::SecurityOptions::referrer
int referrer
If <> refUnknown, sets the Referrer-Policy header (default: refUnknown)
Definition: security.hpp:118
cex::SecurityOptions::ieNoOpen
bool ieNoOpen
If true, sets the X-Download-Options header to noopen (default: true)
Definition: security.hpp:110
cex::SecurityOptions
Contains all options for the sessionHandler middleware.
Definition: security.hpp:105
cex::SecurityOptions::hpkpKeys
std::vector< std::string > hpkpKeys
Should contain the list of keys to add to the HPKP header . If hpkpMaxAge is not set,...
Definition: security.hpp:159
cex::SecurityOptions::xssProtection
bool xssProtection
If true, sets the X-XSS-Protection header to 1; mode=block (default: true)
Definition: security.hpp:132
cex::SecurityOptions::xFrameAllow
XFrame xFrameAllow
If <> xfUnknown, sets the X-Frame-Options header (default: xfUnknown)
Definition: security.hpp:137
cex::SecurityOptions::hpkpIncludeSubDomains
bool hpkpIncludeSubDomains
If the HPKP header is set, adds the includeSubdomains option (default: true)
Definition: security.hpp:161
cex::SecurityOptions::noSniff
bool noSniff
If true, sets the X-Content-Type-Options header to nosniff (default: true)
Definition: security.hpp:117
cex::MiddlewareFunction
std::function< void(Request *req, Response *res, std::function< void()> next)> MiddlewareFunction
A function which is called by a standard Middleware when an incoming request matches.
Definition: core.hpp:108
cex::SecurityOptions::hpkpMaxAge
int hpkpMaxAge
Sets the max-age option of the Public-Key-Pins header (default: 31536000). If hpkpMaxAge is not set,...
Definition: security.hpp:156
cex::SecurityOptions::stsPreload
bool stsPreload
If the STS header is set, adds the preload option (default: false)
Definition: security.hpp:152
cex::SecurityOptions::stsIncludeSubDomains
bool stsIncludeSubDomains
If the STS header is set, adds the includeSubdomains option (default: false)
Definition: security.hpp:151
core.hpp
libcex core classes and functions
cex::SecurityOptions::xFrameFrom
std::string xFrameFrom
Sets the ALLOW-FROM name if xFrameAllow option is set to xfFrom
Definition: security.hpp:146
cex::SecurityOptions::stsMaxAge
int stsMaxAge
If > 0, sets the Strict-Transport-Security header (default: 31536000)
Definition: security.hpp:150
cex::SecurityOptions::disableCache
bool disableCache
If true, sets several cache-related headers (default: true)
Definition: security.hpp:111
Generated by   doxygen 1.8.16