Skip to main content

Middleware for adding security headers to HTTP responses

Project description

Swarmauri Logo

PyPI - Downloads Hits PyPI - Python Version PyPI - License PyPI - swarmauri_middleware_securityheaders Discord

Swarmauri Middleware Security Headers

Middleware for adding security-focused HTTP headers to FastAPI responses, helping shield applications from common web vulnerabilities.

What it does

SecurityHeadersMiddleware ensures every response produced by your FastAPI application carries the following headers and values:

  • Content-Security-Policy: default-src 'self'; script-src 'self' https://cdn.example.com; style-src 'self' https://cdn.example.com; img-src 'self' https://images.example.com; font-src 'self' https://fonts.example.com
  • X-Content-Type-Options: nosniff
  • X-Frame-Options: DENY
  • X-XSS-Protection: 1; mode=block
  • Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
  • Referrer-Policy: same-origin
  • Permissions-Policy: interest-cohort=(), geolocation=(self), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), vibrate=(), payment=()

These defaults provide a strong baseline for many applications. Update the middleware if you need to tailor the directives (for example, to change the allowed host names in the Content Security Policy).

Installation

pip

pip install swarmauri-middleware-securityheaders

Poetry

poetry add swarmauri_middleware_securityheaders

uv

uv add swarmauri_middleware_securityheaders

Usage

from fastapi import FastAPI, Request
from swarmauri_middleware_securityheaders import SecurityHeadersMiddleware

app = FastAPI()
security_middleware = SecurityHeadersMiddleware(app)


@app.middleware("http")
async def apply_security_headers(request: Request, call_next):
    return await security_middleware.dispatch(request, call_next)


@app.get("/")
async def read_root() -> dict[str, str]:
    return {"status": "ok"}

This pattern instantiates the middleware once and reuses its dispatch method within FastAPI's @app.middleware("http") hook so that every response includes the security headers listed above.

Want to help?

If you want to contribute to swarmauri-sdk, read up on our guidelines for contributing that will help you get started.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

File details

Details for the file swarmauri_middleware_securityheaders-0.11.0.dev1.tar.gz.

File metadata

  • Download URL: swarmauri_middleware_securityheaders-0.11.0.dev1.tar.gz
  • Upload date:
  • Size: 7.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.11.26 {"installer":{"name":"uv","version":"0.11.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_middleware_securityheaders-0.11.0.dev1.tar.gz
Algorithm Hash digest
SHA256 09a318978c020d10f17463548260300c994fbad17a9d03ac4e9b057e12d0df25
MD5 e0dfdb6b8015a250d926c07197e13b8d
BLAKE2b-256 2d0feb8317d16c572fcf319a8836fd3bf35b43f092864b9ecbaa7869651a8fbc

See more details on using hashes here.

File details

Details for the file swarmauri_middleware_securityheaders-0.11.0.dev1-py3-none-any.whl.

File metadata

  • Download URL: swarmauri_middleware_securityheaders-0.11.0.dev1-py3-none-any.whl
  • Upload date:
  • Size: 9.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.11.26 {"installer":{"name":"uv","version":"0.11.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_middleware_securityheaders-0.11.0.dev1-py3-none-any.whl
Algorithm Hash digest
SHA256 0106b9de6daeb1e6637192942b664f846d3b867c4094f28eb1fc8a0c215a4d23
MD5 44556b9e1a68081c75aba7c90c1aac39
BLAKE2b-256 c1929f6c228f720b74a915706d51a8c14694a374d7b6d5a01c7b6ae807c44cc0

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page