Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

CSS

Objective-C

Perl

PHP

Lua

Swift

Scala

Crystal

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

Elm

C#

TypeScript

PHP

C

Elixir

R

Swift

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇲🇽 Mexico

🇵🇱 Poland

🇨🇻 Cape Verde

🇲🇩 Moldova

🇦🇹 Austria

🇸🇧 Solomon Islands

🇹🇱 Timor-Leste

🇮🇱 Israel

All Countries Compare Countries

gin-contrib/secure

Stars
127
Rank 281,914 (Top 6 %)
Language
Go
License
MIT License
Created almost 9 years ago
Updated 4 months ago

gin-contrib/secure

gin-contrib

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Secure

Secure middleware for Gin framework.

Example

See the example1, example2.

DefaultConfig returns a Configuration with strict security settings

func DefaultConfig() Config {
	return Config{
		SSLRedirect:           true,
		IsDevelopment:         false,
		STSSeconds:            315360000,
		STSIncludeSubdomains:  true,
		FrameDeny:             true,
		ContentTypeNosniff:    true,
		BrowserXssFilter:      true,
		ContentSecurityPolicy: "default-src 'self'",
		IENoOpen:              true,
		SSLProxyHeaders:       map[string]string{"X-Forwarded-Proto": "https"},
	}
}

package main

import (
	"log"

	"github.com/gin-contrib/secure"
	"github.com/gin-gonic/gin"
)

func main() {
	router := gin.Default()

	router.Use(secure.New(secure.Config{
		AllowedHosts:          []string{"example.com", "ssl.example.com"},
		SSLRedirect:           true,
		SSLHost:               "ssl.example.com",
		STSSeconds:            315360000,
		STSIncludeSubdomains:  true,
		FrameDeny:             true,
		ContentTypeNosniff:    true,
		BrowserXssFilter:      true,
		ContentSecurityPolicy: "default-src 'self'",
		IENoOpen:              true,
		ReferrerPolicy:        "strict-origin-when-cross-origin",
		SSLProxyHeaders:       map[string]string{"X-Forwarded-Proto": "https"},
	}))

	router.GET("/ping", func(c *gin.Context) {
		c.String(200, "pong")
	})

	// Listen and Server in 0.0.0.0:8080
	if err := router.Run(); err != nil {
		log.Fatal(err)
	}
}

cors

Official CORS gin's middleware

sessions

Gin middleware for session management

authz

gin-authz is an authorization middleware for Gin

pprof

gin pprof middleware

zap

Alternative logging through zap

cache

Gin middleware/handler to enable Cache

gzip

Gin middleware to enable GZIP support.

static

Static middleware

multitemplate

This is a custom HTML render to support multi templates

requestid

Request ID middleware for Gin Framework

logger

Gin middleware/handler to logger url path using rs/zerolog

timeout

Timeout middleware for Gin

opengintracing

trace requests using opentracing specification

location

gin middleware to expose the server's hostname and scheme

i18n

i18n middleware

size

Limit size of POST requests for Gin framework

httpsign

Signing HTTP Messages Middleware

sentry

Middleware to integrate with sentry crash reporting.

graceful

Graceful allows to restart and/or switch gin.Engine without dropping existing conns

expvar

A expvar handler for gin framework, expvar provides a standardized interface to public variables.

rollbar

Middleware to integrate with rollbar error monitoring.