scnmnt-security-middleware v0.1.0
adapter
capsule://quake0day/[email protected]
Provides a set of reusable security middleware for an Echo HTTP server, including secure headers, body limits, source origin validation, and CSRF protection. It ensures that API endpoints are protected against common web vulnerabilities.
Owns
- HTTP security header configuration (X-Frame-Options, CSP, etc.)
- Request body size limiting
- Source origin validation to prevent cross-site requests
- CSRF token generation, cookie management, and validation
Does not own
- User authentication (beyond CSRF token validation)
- Specific API business logic
- Application configuration outside of security settings
AI orientation
An agent working on this capsule would focus on implementing and testing HTTP security best practices. They should be familiar with web security concepts like CSRF, XSS, and origin policies, and how to apply them as middleware.
Avoid
- Implementing any business logic unrelated to security
- Direct database access
Provides
- library:security.Middleware — Echo middleware for various security features.
- http_api:/api/session — Endpoint to retrieve a CSRF token for client-side use.
Requires
- env:SECURITY_SECURE_COOKIES — Boolean flag to determine if CSRF cookies should be marked as secure.
Invariants (must always hold)
- CSRF tokens must be unique, securely generated, and correctly validated.
- Cross-site requests (except safe methods) must be rejected.
- Secure headers must be consistently applied to all responses.
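The first two invariants can be expressed as a single request check. The sketch below is an added example, not the capsule's own `security.go`: it uses the standard `net/http` package instead of Echo, assumes a double-submit token (a cookie echoed back in a request header), and the names `csrf_token` and `X-CSRF-Token` are hypothetical.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/base64"
	"fmt"
	"net/http"
	"net/url"
)

// Hypothetical names chosen for this example; the capsule's real names are not on the page.
const csrfCookie, csrfHeader = "csrf_token", "X-CSRF-Token"

// NewToken returns 32 bytes from the OS CSPRNG, base64url-encoded (43 characters).
func NewToken() (string, error) {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return base64.RawURLEncoding.EncodeToString(b), nil
}

// sameOrigin is deliberately strict: a missing or unparsable Origin header
// counts as cross-site, and host:port must equal the request's Host.
func sameOrigin(r *http.Request) bool {
	u, err := url.Parse(r.Header.Get("Origin"))
	return err == nil && u.Host != "" && u.Host == r.Host
}

// Check returns the status the middleware should answer with:
// 200 to pass the request on, 403 to reject it.
func Check(r *http.Request) int {
	switch r.Method {
	case http.MethodGet, http.MethodHead, http.MethodOptions:
		return http.StatusOK // safe methods are exempt
	}
	c, err := r.Cookie(csrfCookie)
	if !sameOrigin(r) || err != nil || c.Value == "" ||
		subtle.ConstantTimeCompare([]byte(c.Value), []byte(r.Header.Get(csrfHeader))) != 1 {
		return http.StatusForbidden
	}
	return http.StatusOK
}

func main() { // constructed request: cross-site POST carrying no token
	r, _ := http.NewRequest(http.MethodPost, "https://app.example/api/items", nil)
	r.Header.Set("Origin", "https://other.example")
	fmt.Println(Check(r))
}
```

The empty-cookie test matters: without it, a request with no cookie value and no header would compare two empty strings and pass.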
Source files (2)
The path on the right shows where the file lands when this capsule is installed.
- src/internal/security/security.go → internal/security/security.go
- src/internal/security/security_test.go → internal/security/security_test.go
Plus capsule.yaml and install.json.