Skip to main content

Middleware for adding security headers to HTTP responses

Project description

Swarmauri Logo

PyPI - Downloads Hits PyPI - Python Version PyPI - License PyPI - swarmauri-middleware-securityheaders


Swarmauri Middleware Security Headers

Middleware for adding security-focused HTTP headers to FastAPI responses, helping shield applications from common web vulnerabilities.

What it does

SecurityHeadersMiddleware ensures every response produced by your FastAPI application carries the following headers and values:

  • Content-Security-Policy: default-src 'self'; script-src 'self' https://cdn.example.com; style-src 'self' https://cdn.example.com; img-src 'self' https://images.example.com; font-src 'self' https://fonts.example.com
  • X-Content-Type-Options: nosniff
  • X-Frame-Options: DENY
  • X-XSS-Protection: 1; mode=block
  • Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
  • Referrer-Policy: same-origin
  • Permissions-Policy: interest-cohort=(), geolocation=(self), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), vibrate=(), payment=()

These defaults provide a strong baseline for many applications. Update the middleware if you need to tailor the directives (for example, to change the allowed host names in the Content Security Policy).

Installation

pip

pip install swarmauri-middleware-securityheaders

Poetry

poetry add swarmauri_middleware_securityheaders

uv

uv add swarmauri_middleware_securityheaders

Usage

from fastapi import FastAPI, Request
from swarmauri_middleware_securityheaders import SecurityHeadersMiddleware

app = FastAPI()
security_middleware = SecurityHeadersMiddleware(app)


@app.middleware("http")
async def apply_security_headers(request: Request, call_next):
    return await security_middleware.dispatch(request, call_next)


@app.get("/")
async def read_root() -> dict[str, str]:
    return {"status": "ok"}

This pattern instantiates the middleware once and reuses its dispatch method within FastAPI's @app.middleware("http") hook so that every response includes the security headers listed above.

Want to help?

If you want to contribute to swarmauri-sdk, read up on our guidelines for contributing that will help you get started.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

File details

Details for the file swarmauri_middleware_securityheaders-0.8.0.dev43.tar.gz.

File metadata

  • Download URL: swarmauri_middleware_securityheaders-0.8.0.dev43.tar.gz
  • Upload date:
  • Size: 7.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.10.12 {"installer":{"name":"uv","version":"0.10.12","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_middleware_securityheaders-0.8.0.dev43.tar.gz
Algorithm Hash digest
SHA256 59dbb453e5251c56db7a14109bb2bb2640742357368660fa0a5d5e34493a83a7
MD5 90070acae1cadbc3bdf33803c6590334
BLAKE2b-256 b67ce70c2cffefdde9b6905861cd7d8f0282df76923019227aff82dbb3b787ef

See more details on using hashes here.

File details

Details for the file swarmauri_middleware_securityheaders-0.8.0.dev43-py3-none-any.whl.

File metadata

  • Download URL: swarmauri_middleware_securityheaders-0.8.0.dev43-py3-none-any.whl
  • Upload date:
  • Size: 9.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.10.12 {"installer":{"name":"uv","version":"0.10.12","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_middleware_securityheaders-0.8.0.dev43-py3-none-any.whl
Algorithm Hash digest
SHA256 7612872c6a700c2a13fa9ff10e4b6349b0c85707187ab369d0f993f6936cd467
MD5 dc6978ff1a854a61b3e3ac3c8359196a
BLAKE2b-256 733159f1b01383d14b8eb52e2b3309d752da4ea5b5dfdc58e478eb3552bf72e8

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page