Skip to main content

Middleware for adding security headers to HTTP responses

Project description

Swarmauri Logo

PyPI - Downloads Hits PyPI - Python Version PyPI - License PyPI - swarmauri-middleware-securityheaders


Swarmauri Middleware Security Headers

Middleware for adding security-focused HTTP headers to FastAPI responses, helping shield applications from common web vulnerabilities.

What it does

SecurityHeadersMiddleware ensures every response produced by your FastAPI application carries the following headers and values:

  • Content-Security-Policy: default-src 'self'; script-src 'self' https://cdn.example.com; style-src 'self' https://cdn.example.com; img-src 'self' https://images.example.com; font-src 'self' https://fonts.example.com
  • X-Content-Type-Options: nosniff
  • X-Frame-Options: DENY
  • X-XSS-Protection: 1; mode=block
  • Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
  • Referrer-Policy: same-origin
  • Permissions-Policy: interest-cohort=(), geolocation=(self), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), vibrate=(), payment=()

These defaults provide a strong baseline for many applications. Update the middleware if you need to tailor the directives (for example, to change the allowed host names in the Content Security Policy).

Installation

pip

pip install swarmauri-middleware-securityheaders

Poetry

poetry add swarmauri_middleware_securityheaders

uv

uv add swarmauri_middleware_securityheaders

Usage

from fastapi import FastAPI, Request
from swarmauri_middleware_securityheaders import SecurityHeadersMiddleware

app = FastAPI()
security_middleware = SecurityHeadersMiddleware(app)


@app.middleware("http")
async def apply_security_headers(request: Request, call_next):
    return await security_middleware.dispatch(request, call_next)


@app.get("/")
async def read_root() -> dict[str, str]:
    return {"status": "ok"}

This pattern instantiates the middleware once and reuses its dispatch method within FastAPI's @app.middleware("http") hook so that every response includes the security headers listed above.

Want to help?

If you want to contribute to swarmauri-sdk, read up on our guidelines for contributing that will help you get started.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

File details

Details for the file swarmauri_middleware_securityheaders-0.8.0.dev44.tar.gz.

File metadata

  • Download URL: swarmauri_middleware_securityheaders-0.8.0.dev44.tar.gz
  • Upload date:
  • Size: 7.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.10.12 {"installer":{"name":"uv","version":"0.10.12","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_middleware_securityheaders-0.8.0.dev44.tar.gz
Algorithm Hash digest
SHA256 0b02bd7f45f98962e083f3565e6675a0d7291f9aa8a20f32935356af85845eaf
MD5 b5dd134d768b693d1fcb12cc7b7a54c8
BLAKE2b-256 ab1d7c2395880c11a775cacbb4b33d1136f4512b859273db0c7ae71a4c493af3

See more details on using hashes here.

File details

Details for the file swarmauri_middleware_securityheaders-0.8.0.dev44-py3-none-any.whl.

File metadata

  • Download URL: swarmauri_middleware_securityheaders-0.8.0.dev44-py3-none-any.whl
  • Upload date:
  • Size: 9.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.10.12 {"installer":{"name":"uv","version":"0.10.12","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_middleware_securityheaders-0.8.0.dev44-py3-none-any.whl
Algorithm Hash digest
SHA256 54b0c5ab556087b0a5bdd2a25c20717084d87a6c036f5faf4b5a90ae2c02e976
MD5 4f6278c7b0240bbbcbcfa0a157009e88
BLAKE2b-256 e810c28a3c8f22273d507bdea4215e2121b03da3a1d72c35e68af141d255be58

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page