
A Flask extension for adding security headers to HTTP responses


Flask-Helmet


Flask-Helmet is a Flask extension that makes it easy to add security headers to your HTTP responses. The goal of this project is to help you build more secure web applications by providing a simple and flexible API for adding headers that improve the security of your application.

Installation

You can install Flask-Helmet using pip:

pip install flask-helmet

Usage

To use Flask-Helmet in your Flask application, you need to do the following:

  1. Import the extension:

from flask import Flask
from flask_helmet import FlaskHelmet

  2. Initialize the extension:

app = Flask(__name__)  # or your existing application object
helmet = FlaskHelmet()
helmet.init_app(app)

Headers

Flask-Helmet supports the following headers:
X-XSS-Protection: This header is used to configure the browser's XSS
X-Content-Type-Options: This header is used to prevent browsers from interpreting files as a different MIME type.
Content-Security-Policy: This header is used to control the resources that a browser is allowed to load for a given page.
X-Frame-Options: This header prevents browsers from displaying the content of the site in a frame.
Strict-Transport-Security: This header enforces secure (HTTPS) connections to the server.
Referrer-Policy: This header specifies the value of the Referer header sent with requests.
X-Permitted-Cross-Domain-Policies: This header controls the delivery of Adobe Flash content, including Flash cookies (LSOs).
X-Download-Options: This header tells Internet Explorer 8 and later to prevent file downloads from executing.
X-DNS-Prefetch-Control: This header controls browser DNS prefetching.
X-Powered-By: This header identifies the technology used to build the site.

For more information on the headers supported by Flask-Helmet, see the official documentation.
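To confirm which of the headers listed above a response actually carries, the following check can be run against any set of response headers. It is an added example, not part of Flask-Helmet; the accepted values and the 180-day HSTS threshold are assumptions of this example, since this page does not state the extension's defaults.

```python
def _hsts_max_age(value):
    """Return max-age in seconds from an HSTS value, or -1 if absent/invalid."""
    for part in value.split(";"):
        key, _, val = part.strip().partition("=")
        if key.strip().lower() == "max-age":
            val = val.strip().strip('"')
            return int(val) if val.isascii() and val.isdigit() else -1
    return -1

# Header names are the ones listed above. The accepted values are assumptions
# of this example (common hardening choices), not Flask-Helmet's defaults.
CHECKS = {
    "x-xss-protection": lambda v: True,  # presence only
    "x-content-type-options": lambda v: v.lower() == "nosniff",
    "content-security-policy": lambda v: "default-src" in v.lower(),
    "x-frame-options": lambda v: v.upper() in ("DENY", "SAMEORIGIN"),
    "strict-transport-security": lambda v: _hsts_max_age(v) >= 15552000,
    "referrer-policy": lambda v: v.split(",")[-1].strip().lower() != "unsafe-url",
    "x-permitted-cross-domain-policies": lambda v: v.lower() == "none",
    "x-download-options": lambda v: v.lower() == "noopen",
    "x-dns-prefetch-control": lambda v: v.lower() in ("on", "off"),
}

def audit_headers(headers):
    """Return sorted findings for a mapping or list of (name, value) pairs."""
    seen = {str(k).lower(): str(v).strip() for k, v in dict(headers).items()}
    findings = []
    for name, is_ok in CHECKS.items():
        if name not in seen:
            findings.append(f"missing: {name}")
        elif not is_ok(seen[name]):
            findings.append(f"weak: {name}: {seen[name]}")
    # X-Powered-By identifies the technology in use, so its presence is reported.
    if "x-powered-by" in seen:
        findings.append(f"disclosure: x-powered-by: {seen['x-powered-by']}")
    return sorted(findings)

# Constructed sample: a response with a short HSTS lifetime, an invalid
# X-Frame-Options value and a technology banner.
SAMPLE_BAD = [
    ("X-Powered-By", "Flask"),
    ("Strict-Transport-Security", "max-age=60"),
    ("X-Frame-Options", "ALLOWALL"),
]

if __name__ == "__main__":
    print("\n".join(audit_headers(SAMPLE_BAD)))
```

In a Flask test suite, pass it `response.headers` from `app.test_client().get("/")` to check what the application sends after `init_app`.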

Contributing

If you want to contribute to Flask-Helmet, submit a pull request on GitHub. Before submitting, run the tests and make sure that your code follows the PEP 8 style guide.

  1. Fork the repository.
  2. Create a new branch for your changes.
  3. Make your changes and write tests for them.
  4. Submit a pull request.

License

Flask-Helmet is released under the MIT License. See the LICENSE file for more information.

We welcome contributions to this library. If you have an idea for a new feature or have found a bug, please open an issue on GitHub.

Download files


Source Distribution

flask-helmet-1.0.0.tar.gz (3.8 kB)

Uploaded Source

Built Distribution

flask_helmet-1.0.0-py3-none-any.whl (4.5 kB)

Uploaded Python 3
