diff options
Diffstat (limited to 'vendor/github.com/labstack/echo/v4/middleware/secure.go')
| -rw-r--r-- | vendor/github.com/labstack/echo/v4/middleware/secure.go | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/vendor/github.com/labstack/echo/v4/middleware/secure.go b/vendor/github.com/labstack/echo/v4/middleware/secure.go index 77a1487f..6c405172 100644 --- a/vendor/github.com/labstack/echo/v4/middleware/secure.go +++ b/vendor/github.com/labstack/echo/v4/middleware/secure.go @@ -66,6 +66,11 @@ type ( // maintained by Chrome (and used by Firefox and Safari): https://hstspreload.org/ // Optional. Default value false. HSTSPreloadEnabled bool `yaml:"hsts_preload_enabled"` + + // ReferrerPolicy sets the `Referrer-Policy` header providing security against + // leaking potentially sensitive request paths to third parties. + // Optional. Default value "". + ReferrerPolicy string `yaml:"referrer_policy"` } ) @@ -131,6 +136,9 @@ func SecureWithConfig(config SecureConfig) echo.MiddlewareFunc { res.Header().Set(echo.HeaderContentSecurityPolicy, config.ContentSecurityPolicy) } } + if config.ReferrerPolicy != "" { + res.Header().Set(echo.HeaderReferrerPolicy, config.ReferrerPolicy) + } return next(c) } } |