Skip to main content

Middleware for adding security headers to HTTP responses

Project description

Swarmauri Logo

PyPI - Downloads Hits PyPI - Python Version PyPI - License PyPI - swarmauri-middleware-securityheaders


Swarmauri Middleware Security Headers

Middleware for adding security-focused HTTP headers to FastAPI responses, helping shield applications from common web vulnerabilities.

What it does

SecurityHeadersMiddleware ensures every response produced by your FastAPI application carries the following headers and values:

  • Content-Security-Policy: default-src 'self'; script-src 'self' https://cdn.example.com; style-src 'self' https://cdn.example.com; img-src 'self' https://images.example.com; font-src 'self' https://fonts.example.com
  • X-Content-Type-Options: nosniff
  • X-Frame-Options: DENY
  • X-XSS-Protection: 1; mode=block
  • Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
  • Referrer-Policy: same-origin
  • Permissions-Policy: interest-cohort=(), geolocation=(self), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), vibrate=(), payment=()

These defaults provide a strong baseline for many applications. Update the middleware if you need to tailor the directives (for example, to change the allowed host names in the Content Security Policy).

Installation

pip

pip install swarmauri-middleware-securityheaders

Poetry

poetry add swarmauri_middleware_securityheaders

uv

uv add swarmauri_middleware_securityheaders

Usage

from fastapi import FastAPI, Request
from swarmauri_middleware_securityheaders import SecurityHeadersMiddleware

app = FastAPI()
security_middleware = SecurityHeadersMiddleware(app)


@app.middleware("http")
async def apply_security_headers(request: Request, call_next):
    return await security_middleware.dispatch(request, call_next)


@app.get("/")
async def read_root() -> dict[str, str]:
    return {"status": "ok"}

This pattern instantiates the middleware once and reuses its dispatch method within FastAPI's @app.middleware("http") hook so that every response includes the security headers listed above.

Want to help?

If you want to contribute to swarmauri-sdk, read up on our guidelines for contributing that will help you get started.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

File details

Details for the file swarmauri_middleware_securityheaders-0.8.0.dev33.tar.gz.

File metadata

  • Download URL: swarmauri_middleware_securityheaders-0.8.0.dev33.tar.gz
  • Upload date:
  • Size: 7.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.10.3 {"installer":{"name":"uv","version":"0.10.3","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_middleware_securityheaders-0.8.0.dev33.tar.gz
Algorithm Hash digest
SHA256 8a905743c8a1ded076b3e67586f43eb16626fd128e8ccf8d5aa6b4e114f021a1
MD5 113093cf95cd33eb2c6e88d04b6b93ed
BLAKE2b-256 498cc4528196f21e261832b842514b6fe0955cbfe93cd8ce148021629b168ec6

See more details on using hashes here.

File details

Details for the file swarmauri_middleware_securityheaders-0.8.0.dev33-py3-none-any.whl.

File metadata

  • Download URL: swarmauri_middleware_securityheaders-0.8.0.dev33-py3-none-any.whl
  • Upload date:
  • Size: 9.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.10.3 {"installer":{"name":"uv","version":"0.10.3","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_middleware_securityheaders-0.8.0.dev33-py3-none-any.whl
Algorithm Hash digest
SHA256 8d76ddf33e6b2e7db5d21acab32b590787737f833f33e95b3faba0db9cae465c
MD5 2370f81719c7afe036b3cf47120423c5
BLAKE2b-256 6ea7dcbab64a50051e09486dc484ac74a88f726af98f786007e694039f79b6f1

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page