1 files changed, 22 insertions, 0 deletions
diff --git a/echo/middleware/strict_secure.go b/echo/middleware/strict_secure.go
new file mode 100644
index 0000000..0b61b92
--- /dev/null
+++ b/echo/middleware/strict_secure.go
@@ -0,0 +1,22 @@
+package middleware
+import (
+        gltime "code.crute.us/mcrute/golib/time"
+        "github.com/labstack/echo/v4"
+        "github.com/labstack/echo/v4/middleware"
+)
+// StrictSecure returns a Secure middleware with strict settings which match
+// the legacy nginx proxy defaults.
+func StrictSecure() echo.MiddlewareFunc {
+        return middleware.SecureWithConfig(middleware.SecureConfig{
+                XFrameOptions:         "SAMEORIGIN",
+                ContentTypeNosniff:    "nosniff",
+                XSSProtection:         "1; mode=block",
+                ReferrerPolicy:        "same-origin",
+                HSTSExcludeSubdomains: false,
+                HSTSPreloadEnabled:    true,
+                HSTSMaxAge:            gltime.ToSeconds(2 * gltime.Year),
+        })
+}

diff --git a/echo/middleware/strict_secure.go b/echo/middleware/strict_secure.go new file mode 100644 index 0000000..0b61b92 --- /dev/null +++ b/echo/middleware/strict_secure.go
@@ -0,0 +1,22 @@
	1	package middleware
	2
	3	import (
	4	gltime "code.crute.us/mcrute/golib/time"
	5
	6	"github.com/labstack/echo/v4"
	7	"github.com/labstack/echo/v4/middleware"
	8	)
	9
	10	// StrictSecure returns a Secure middleware with strict settings which match
	11	// the legacy nginx proxy defaults.
	12	func StrictSecure() echo.MiddlewareFunc {
	13	return middleware.SecureWithConfig(middleware.SecureConfig{
	14	XFrameOptions: "SAMEORIGIN",
	15	ContentTypeNosniff: "nosniff",
	16	XSSProtection: "1; mode=block",
	17	ReferrerPolicy: "same-origin",
	18	HSTSExcludeSubdomains: false,
	19	HSTSPreloadEnabled: true,
	20	HSTSMaxAge: gltime.ToSeconds(2 * gltime.Year),
	21	})
	22	}