Skip to main content

Middleware for adding security headers to HTTP responses

Project description

Swarmauri Logo

PyPI - Downloads Hits PyPI - Python Version PyPI - License PyPI - swarmauri-middleware-securityheaders


Swarmauri Middleware Security Headers

Middleware for adding security-focused HTTP headers to FastAPI responses, helping shield applications from common web vulnerabilities.

What it does

SecurityHeadersMiddleware ensures every response produced by your FastAPI application carries the following headers and values:

  • Content-Security-Policy: default-src 'self'; script-src 'self' https://cdn.example.com; style-src 'self' https://cdn.example.com; img-src 'self' https://images.example.com; font-src 'self' https://fonts.example.com
  • X-Content-Type-Options: nosniff
  • X-Frame-Options: DENY
  • X-XSS-Protection: 1; mode=block
  • Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
  • Referrer-Policy: same-origin
  • Permissions-Policy: interest-cohort=(), geolocation=(self), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), vibrate=(), payment=()

These defaults provide a strong baseline for many applications. Update the middleware if you need to tailor the directives (for example, to change the allowed host names in the Content Security Policy).

Installation

pip

pip install swarmauri-middleware-securityheaders

Poetry

poetry add swarmauri_middleware_securityheaders

uv

uv add swarmauri_middleware_securityheaders

Usage

from fastapi import FastAPI, Request
from swarmauri_middleware_securityheaders import SecurityHeadersMiddleware

app = FastAPI()
security_middleware = SecurityHeadersMiddleware(app)


@app.middleware("http")
async def apply_security_headers(request: Request, call_next):
    return await security_middleware.dispatch(request, call_next)


@app.get("/")
async def read_root() -> dict[str, str]:
    return {"status": "ok"}

This pattern instantiates the middleware once and reuses its dispatch method within FastAPI's @app.middleware("http") hook so that every response includes the security headers listed above.

Want to help?

If you want to contribute to swarmauri-sdk, read up on our guidelines for contributing that will help you get started.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

File details

Details for the file swarmauri_middleware_securityheaders-0.8.0.dev37.tar.gz.

File metadata

  • Download URL: swarmauri_middleware_securityheaders-0.8.0.dev37.tar.gz
  • Upload date:
  • Size: 7.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.10.4 {"installer":{"name":"uv","version":"0.10.4","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_middleware_securityheaders-0.8.0.dev37.tar.gz
Algorithm Hash digest
SHA256 36ab7b4c678a6e8b0abc9155c7ddee38cb1fc1b87db866d28e35c59b8183c2ac
MD5 019af2a81b82d8e97c03005a7effdf30
BLAKE2b-256 27c10945d7a1b637099f9b2186b2caba58d1377841050ec48e2555e904594bd5

See more details on using hashes here.

File details

Details for the file swarmauri_middleware_securityheaders-0.8.0.dev37-py3-none-any.whl.

File metadata

  • Download URL: swarmauri_middleware_securityheaders-0.8.0.dev37-py3-none-any.whl
  • Upload date:
  • Size: 9.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.10.4 {"installer":{"name":"uv","version":"0.10.4","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_middleware_securityheaders-0.8.0.dev37-py3-none-any.whl
Algorithm Hash digest
SHA256 9c947f9f44f090473cc1f8596edcae46bbaa2ad11e85f04a101439eddd3be2d9
MD5 1b26c6cb1386a3081092aa831c23a506
BLAKE2b-256 7035c3b62b933b6eb92194a74dc9a0ace160247e21e18c19cd56cdc4d58a3953

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page