libcex
1.0.0
Modern C++11 embedded webserver library
|
Contains all options for the sessionHandler middleware. More...
#include <security.hpp>
Public Attributes | |
int | noDNSPrefetch |
If > -1 , sets the X-DNS-Prefetch-Control header to on (1) or off (0) (default: 1 ) | |
bool | ieNoOpen |
If true , sets the X-Download-Options header to noopen (default: true ) | |
bool | disableCache |
If true , sets several cache-related headers (default: true ) More... | |
bool | noSniff |
If true , sets the X-Content-Type-Options header to nosniff (default: true ) | |
int | referrer |
If <> refUnknown , sets the Referrer-Policy header (default: refUnknown ) More... | |
bool | xssProtection |
If true , sets the X-XSS-Protection header to 1; mode=block (default: true ) | |
XFrame | xFrameAllow |
If <> xfUnknown , sets the X-Frame-Options header (default: xfUnknown ) More... | |
std::string | xFrameFrom |
Sets the ALLOW-FROM name if xFrameAllow option is set to xfFrom | |
int | stsMaxAge |
If > 0 , sets the Strict-Transport-Security header (default: 31536000 ) | |
bool | stsIncludeSubDomains |
If the STS header is set, adds the includeSubdomains option (default: false ) | |
bool | stsPreload |
If the STS header is set, adds the preload option (default: false ) | |
int | hpkpMaxAge |
Sets the max-age option of the Public-Key-Pins header (default: 31536000 ). If hpkpMaxAge is not set, or hpkpKeys is empty, NO header is set. | |
std::vector< std::string > | hpkpKeys |
Should contain the list of keys to add to the HPKP header . If hpkpMaxAge is not set, or hpkpKeys is empty, NO header is set. | |
bool | hpkpIncludeSubDomains |
If the HPKP header is set, adds the includeSubdomains option (default: true ) | |
std::string | hpkpReportUri |
If the HPKP header is set, adds the report-uri option, if the string is non-empty (default: empty) | |
Contains all options for the sessionHandler middleware.
Example:
will set the following headers:
bool cex::SecurityOptions::disableCache |
If true
, sets several cache-related headers (default: true
)
Sets the following headers:
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
int cex::SecurityOptions::referrer |
If <> refUnknown
, sets the Referrer-Policy header (default: refUnknown
)
Sets the header according to the supplied enum value:
Referrer-Policy: no-referrer
Referrer-Policy: no-referrer-when-downgrade
Referrer-Policy: same-origin
Referrer-Policy: origin
Referrer-Policy: strict-origin
Referrer-Policy: origin-when-cross-origin
Referrer-Policy: strict-origin-when-cross-origin
Referrer-Policy: unsafe-url
XFrame cex::SecurityOptions::xFrameAllow |
If <> xfUnknown
, sets the X-Frame-Options
header (default: xfUnknown
)
Sets the header according to the supplied value:
xfFrom
sets X-Frame-Options: ALLOW-FROM
plus the supplied string in xFrameFrom
option xfDeny
sets X-Frame-Options: DENY
xfSameOrigin
sets X-Frame-Options: SAMEORIGIN