module Kemal::Shield
Overview
Kemal::Shield
is a module that contains a collection of Kemal handlers.
These handlers sets/unsets different HTTP response headers adding an extra
layer of protection.
Kemal::Shield.activate # => Adds all the handlers
It is also possible to add just the handlers that you are interested in.
add_handler Kemal::Shield::XPoweredBy.new # => Removes the X-Powered-By header
add_handler Kemal::Shield::XXSSProtection.new # => Sets X-XSS-Protection to "0"
The different headers can be configured in the same way as Kemal:
Kemal::Shield.config do |config|
config.csp_on = true
config.hide_powered_by = true
config.no_sniff = true
config.referrer_policy = ["no-referrer"]
config.x_xss_protection = false
end
Defined in:
kemal-shield.crkemal-shield/config.cr
kemal-shield/exceptions.cr
kemal-shield/handler.cr
kemal-shield/handlers/content_security_policy.cr
kemal-shield/handlers/cross_origin_embedder_policy.cr
kemal-shield/handlers/cross_origin_opener_policy.cr
kemal-shield/handlers/cross_origin_resource_policy.cr
kemal-shield/handlers/expect_ct.cr
kemal-shield/handlers/origin_agent_cluster.cr
kemal-shield/handlers/referrer_policy.cr
kemal-shield/handlers/strict_transport_security.cr
kemal-shield/handlers/x_content_type_options.cr
kemal-shield/handlers/x_dns_prefetch_control.cr
kemal-shield/handlers/x_download_options.cr
kemal-shield/handlers/x_frame_options.cr
kemal-shield/handlers/x_permitted_cross_domain_policies.cr
kemal-shield/handlers/x_powered_by.cr
kemal-shield/handlers/x_xss_protection.cr
kemal-shield/version.cr
Constant Summary
-
HANDLERS =
[] of Shield::Handler.class
-
VERSION =
"0.4.0"
Class Method Summary
-
.activate
Adds a collection of
Kemal::Shield::Handler
. -
.add_handler(handler : Shield::Handler)
Adds a
Kemal::Shield::Handler
. - .config(&)
- .config
-
.deactivate
Removes all
Kemal::Shield::Handler
. -
.remove_handler(handler : Shield::Handler.class)
Removes a
Kemal::Shield::Handler
.
Class Method Detail
def self.add_handler(handler : Shield::Handler)
#
Adds a Kemal::Shield::Handler
.
class CustomHandler < Kemal::Shield::Handler
def call(context)
# code ...
call_next context
end
end
Kemal::Shield.add_handler CustomHandler.new
A Kemal::Shield::DublicateHandlerError
is raised if dublicate handlers
are added.
Kemal::Shield.add_handler CustomHandler.new # => okay
Kemal::Shield.add_handler CustomHandler.new # => raises DublicateHandlerError
Removes a Kemal::Shield::Handler
.
Returns the removed handler if found, otherwise nil
.
Kemal::Shield.activate
Kemal::Shield.remove_handler Kemal::Shield::ExpectCT # => Kemal::Shield::ExpectCT object
Kemal::Shield.remove_handler Kemal::Shield::ExpectCT # => nil