Secweb


NameSecweb JSON
Version 1.11.0 PyPI version JSON
download
home_pageNone
SummarySecweb is a pack of security middlewares for fastApi and starlette servers it includes CSP, HSTS, and many more
upload_time2024-06-18 06:57:11
maintainerNone
docs_urlNone
authorNone
requires_python>=3.7
licenseNone
keywords fastapi security header security header starlette security header secweb fastapi csp starlette csp csp
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls.
            <p  align = "center"><img  alt="Secweb logo"  src="https://raw.githubusercontent.com/tmotagam/Secweb/main/Secweb.jpg"></p>

  

<p  align="center"><em>Secweb helps in setting security headers for FastApi and Starlette</em></p>

  

---

<br>

  

Secweb is the pack of middlewares for setting security headers for fastapi and can also be used for any framework created on starlette it has 16 middlewares for setting headers of your website and also for your api(s).

  

#### The PermissionsPolicy middleware lies in development branch [here](https://github.com/tmotagam/Secweb/tree/Secweb-Beta#readme)

  

The list of middleware is as follows:

  

1. Content Security Policy (CSP)

  

<br>

  

2. Origin Agent Cluster

  

<br>

  

3. Referrer Policy

  

<br>

  

4. HTTP Strict Transport Security(HSTS)

  

<br>

  

5. HTTP Strict Transport Security(HSTS) for WebSockets

  

<br>

  

6. X-Content-Type-Options

  

<br>

  

7. X-DNS-Prefetch-Control

  

<br>

  

8. X-Download-Options

  

<br>

  

9. X-Frame

  

<br>

  

10. X-Permitted-Cross-Domain-Policies

  

<br>

  

11. X-XSS-Protection

  

<br>

  

12. Cross-Origin-Embedder-Policy

  

<br>

  

13. Cross-Origin-Opener-Policy

  

<br>

  

14. Cross-Origin-Resource-Policy

  

<br>

  

15. Clear-Site-Data

  

<br>

  

16. Cache-Control

  

## Requirements

  

* [Python >= 3.7](https://www.python.org/downloads/)

  

* [Starlette](https://pypi.org/project/starlette/)

  

## Installation

  

```powershell

pip install Secweb

```

## Usage

The package Secweb can be used in two different ways

  

1. To use SecWeb class it includes all the 16 classes together

<br>

  

2. To use the 16 middleware classes separately

<br>

  

### SecWeb class

  

```Python

from Secweb import SecWeb

  

SecWeb(app=app) # The app is the ASGIapp required by the starlette to give access to the different methods to the class

```

The above example uses all the default headers value that are are preset you can change the values by creating the option dict you can also set flags for nonce generation for csp header using the `script_nonce=True` and `style_nonce=True` flags also `report_only` flag is added for csp report only header. For Clear-Site-Data header `Routes=[]` array is used for applying the header it is empty by default.

  

```Python

from Secweb import SecWeb

  

SecWeb(app=app, Option={'referrer': {'Referrer-Policy': 'no-referrer'}}, Routes=[], script_nonce=False, style_nonce=False, report_only=False)

```

The Option uses 16 keys for calling middleware classes to set the user-defined policies or activating\deactivating header(s).

##### Note: Activating/Deactivating the header can only be done in SecWeb class in Option param, eg:

```Python
from Secweb import SecWeb

Secweb(app=app, Option={'referrer': False, 'xframe': False})
```


The values are as follows:

  

1.  `'csp'` for calling ContentSecurityPolicy class to set the user-defined values or activate/deactivate the header

<br>

  

2.  `'referrer'` for calling ReferrerPolicy class to set the user-defined values or activate/deactivate the header

<br>

  

3.  `'xdns'` for calling XDNSPrefetchControl class to set the user-defined values or activate/deactivate the header

<br>

  

4.  `'xcdp'` for calling XPermittedCrossDomainPolicies class to set the user-defined values or activate/deactivate the header

<br>

  

5.  `'hsts'` for calling HSTS class to set the user-defined values or activate/deactivate the header

<br>

  

6.  `'wshsts'` for calling WsHSTS class to set the user-defined values for Websockets or activate/deactivate the header

<br>

  

7.  `'xframe'` for calling XFrame class to set the user-defined values or activate/deactivate the header

<br>

  

8.  `'coep'` for calling CrossOriginEmbedderPolicy class to set the user-defined values or activate/deactivate the header

<br>

  

9.  `'coop'` for calling CrossOriginOpenerPolicy class to set the user-defined values or activate/deactivate the header

<br>

  

10.  `'corp'` for calling CrossOriginResourcePolicy class to set the user-defined values or activate/deactivate the header

<br>

  

11.  `'clearSiteData'` for calling ClearSiteData class to set the user-defined values or activate/deactivate the header

<br>

  

12.  `'cacheControl'` for calling CacheControl class to set the user-defined values or activate/deactivate the header

<br>

13. `'xcto'` for activating/deactivating X-Content-Type-Options header

<br>

14. `'xdo'` for activating/deactivating X-Download-Options header

<br>

15. `'xss'` for activating/deactivating x-xss-protection header

<br>

16. `'oac'` for activating/deactivating Origin-Agent-Cluster header

```python

# Example of the values

SecWeb(app=app, Option={'csp': {'default-src': ["'self'"]}, 'xframe': {'X-Frame-Options': 'SAMEORIGIN'}, 'hsts': {'max-age': 4, 'preload': True}, 'wshsts': {'max-age': 10, 'preload': True},'xcdp': {'X-Permitted-Cross-Domain-Policies': 'all'}, 'xdns': {'X-DNS-Prefetch-Control': 'on'}, 'referrer': {'Referrer-Policy': 'no-referrer'}, 'coep': {'Cross-Origin-Embedder-Policy': 'require-corp'}, 'coop': {'Cross-Origin-Opener-Policy': 'same-origin-allow-popups'}, 'corp': {'Cross-Origin-Resource-Policy': 'same-site'}, 'clearSiteData': {'cache': True, 'storage': True}, 'cacheControl': {'public': True, 's-maxage': 600}, 'xss': False}, Routes=['/login/{id}', '/logout/{id:uuid}/username/{username:string}'])

```

### Middleware Classes

  

#### Content Security Policy (CSP)

  

ContentSecurityPolicy class sets the csp header

  

The Nonce_Processor module generates nonce for csp header

  

Nonce Processor

  

```python

# Some Code

nonce = Nonce_Processor(DEFAULT_ENTROPY=90) # inject the nonce variable into the jinja or html

# Some Code

```

DEFAULT_ENTROPY is used to set the nonce length.

The nonce processor needs to be called on the route the following example is of FastApi calling the nonce processor on the route

  

```python

from fastapi import FastAPI

from Secweb.ContentSecurityPolicy import Nonce_Processor

  

app = FastAPI()

  
  

@app.get("/")

async  def  root():

# some code

nonce = Nonce_Processor(DEFAULT_ENTROPY=90) # inject the nonce variable into the jinja or html

# some more code

```

ContentSecurityPolicy

  

This is for the FastApi

  

```python

from fastapi import FastAPI

from Secweb.ContentSecurityPolicy import Nonce_Processor

  

app = FastAPI()

  

app.add_middleware(ContentSecurityPolicy, Option={'default-src': ["'self'"], 'base-uri': ["'self'"], 'block-all-mixed-content': []}, script_nonce=False, style_nonce=False, report_only=False)

```

  

This is for the Starlette

  

```python

from starlette.applications import Starlette

from Secweb.ContentSecurityPolicy import Nonce_Processor

  

app = Starlette()

  

app.add_middleware(ContentSecurityPolicy, Option={'default-src': ["'self'"], 'base-uri': ["'self'"], 'block-all-mixed-content': []}, script_nonce=False, style_nonce=False, report_only=False)

```

script_nonce=False This is the nonce flag for inline Js

  

style_nonce=False This is the nonce flag for inline css



report_only=False This is the report only flag which makes csp report only header


For more detail on CSP header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy)


For more detail on CSP-report-only header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only)

  

#### Origin Agent Cluster

  

OriginAgentCluster class sets the Origin-Agent-Cluster header the class takes no parameters

  

```python

from fastapi import FastAPI

from Secweb.OriginAgentCluster import OriginAgentCluster

  

app = FastAPI()

  

app.add_middleware(OriginAgentCluster)

  

# OR

  

from starlette.applications import Starlette

from Secweb.OriginAgentCluster import OriginAgentCluster

  

app = Starlette()

  

app.add_middleware(OriginAgentCluster)

```

For more detail on Origin-Agent-Cluster header go to this [WHATWG Site](https://html.spec.whatwg.org/multipage/origin.html#origin-keyed-agent-clusters)

  

#### Referrer Policy

  

ReferrerPolicy class sets the Referrer-Policy header

  

```python

from fastapi import FastAPI

from Secweb.ReferrerPolicy import ReferrerPolicy

  

app = FastAPI()

  

app.add_middleware(ReferrerPolicy, Option={'Referrer-Policy': 'strict-origin-when-cross-origin'})

  

# OR

  

from starlette.applications import Starlette

from Secweb.ReferrerPolicy import ReferrerPolicy

  

app = Starlette()

  

app.add_middleware(ReferrerPolicy, Option={'Referrer-Policy': 'strict-origin-when-cross-origin'})

```

For more detail on Referrer-Policy header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy)

  

#### HTTP Strict Transport Security (HSTS)

  

HSTS class sets the Strict-Transport-Security header

  

```python

from fastapi import FastAPI

from Secweb.StrictTransportSecurity import HSTS

  

app = FastAPI()

  

app.add_middleware(HSTS, Option={'max-age': 4, 'preload': True})

  

# OR

  

from starlette.applications import Starlette

from Secweb.StrictTransportSecurity import HSTS

  

app = Starlette()

  

app.add_middleware(HSTS, Option={'max-age': 4, 'preload': True})

```

For more detail on Strict-Transport-Security header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security)

  

#### HTTP Strict Transport Security (HSTS) for WebSockets

  

HSTS class sets the Strict-Transport-Security header for Websockets

  

```python

from fastapi import FastAPI

from Secweb.WsStrictTransportSecurity import WsHSTS

  

app = FastAPI()

  

app.add_middleware(WsHSTS, Option={'max-age': 4, 'preload': True})

  

# OR

  

from starlette.applications import Starlette

from Secweb.WsStrictTransportSecurity import WsHSTS

  

app = Starlette()

  

app.add_middleware(WsHSTS, Option={'max-age': 4, 'preload': True})

```

For more detail on Strict-Transport-Security header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security)

  

#### X-Content-Type-Options

  

XContentTypeOptions class sets the X-Content-Type-Options header the class takes no parameters

  

```python

from fastapi import FastAPI

from Secweb.XContentTypeOptions import XContentTypeOptions

  

app = FastAPI()

  

app.add_middleware(XContentTypeOptions)

  

# OR

  

from starlette.applications import Starlette

from Secweb.XContentTypeOptions import XContentTypeOptions

  

app = Starlette()

  

app.add_middleware(XContentTypeOptions)

```

For more detail on X-Content-Type-Options header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options)

  

#### X-DNS-Prefetch-Control

  

XDNSPrefetchControl class sets the X-DNS-Prefetch-Control header

  

```python

from fastapi import FastAPI

from Secweb.XDNSPrefetchControl import XDNSPrefetchControl

  

app = FastAPI()

  

app.add_middleware(XDNSPrefetchControl, Option={'X-DNS-Prefetch-Control': 'on'})

  

# OR

  

from starlette.applications import Starlette

from Secweb.XDNSPrefetchControl import XDNSPrefetchControl

  

app = Starlette()

  

app.add_middleware(XDNSPrefetchControl, Option={'X-DNS-Prefetch-Control': 'off'})

```

For more detail on X-DNS-Prefetch-Control header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control)

  

#### X-Download-Options

  

XDownloadOptions class sets the X-Download-Options header the class takes no parameter

  

```python

from fastapi import FastAPI

from Secweb.XDownloadOptions import XDownloadOptions

  

app = FastAPI()

  

app.add_middleware(XDownloadOptions)

  

# OR

  

from starlette.applications import Starlette

from Secweb.XDownloadOptions import XDownloadOptions

  

app = Starlette()

  

app.add_middleware(XDownloadOptions)

```

  

#### X-Frame

  

XFrame class sets the X-Frame-Options header

  

```python

from fastapi import FastAPI

from Secweb.XFrameOptions import XFrame

  

app = FastAPI()

  

app.add_middleware(XFrame, Option={'X-Frame-Options': 'DENY'})

  

# OR

  

from starlette.applications import Starlette

from Secweb.XFrameOptions import XFrame

  

app = Starlette()

  

app.add_middleware(XFrame, Option={'X-Frame-Options': 'DENY'})

```

For more detail on X-Frame-Options header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options)

  

#### X-Permitted-Cross-Domain-Policies

  

XPermittedCrossDomainPolicies class sets the X-Permitted-Cross-Domain-Policies header

  

```python

from fastapi import FastAPI

from Secweb.XPermittedCrossDomainPolicies import XPermittedCrossDomainPolicies

  

app = FastAPI()

  

app.add_middleware(XPermittedCrossDomainPolicies, Option={'X-Permitted-Cross-Domain-Policies': 'none'})

  

# OR

  

from starlette.applications import Starlette

from Secweb.XPermittedCrossDomainPolicies import XPermittedCrossDomainPolicies

  

app = Starlette()

  

app.add_middleware(XPermittedCrossDomainPolicies, Option={'X-Permitted-Cross-Domain-Policies': 'none'})

```

For more detail on X-Permitted-Cross-Domain-Policies header go to this [OWASP Site](https://owasp.org/www-project-secure-headers/#x-permitted-cross-domain-policies)

  

#### X-XSS-Protection

  

xXSSProtection class sets the X-XSS-Protection header the class takes no parameter

  

```python

from fastapi import FastAPI

from Secweb.xXSSProtection import xXSSProtection

  

app = FastAPI()

  

app.add_middleware(xXSSProtection)

  

# OR

  

from starlette.applications import Starlette

from Secweb.xXSSProtection import xXSSProtection

  

app = Starlette()

  

app.add_middleware(xXSSProtection)

```

For more detail on X-XSS-Protection header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection)

  

#### Cross Origin Embedder Policy

  

CrossOriginEmbedderPolicy class sets the Cross Origin Embedder Policy header

  

```python

from fastapi import FastAPI

from Secweb.CrossOriginEmbedderPolicy import CrossOriginEmbedderPolicy

  

app = FastAPI()

  

app.add_middleware(CrossOriginEmbedderPolicy, Option={'Cross-Origin-Embedder-Policy': 'unsafe-none'})

  

# OR

  

from starlette.applications import Starlette

from Secweb.CrossOriginEmbedderPolicy import CrossOriginEmbedderPolicy

  

app = Starlette()

  

app.add_middleware(CrossOriginEmbedderPolicy, Option={'Cross-Origin-Embedder-Policy': 'unsafe-none'})

```

For more detail on Cross Origin Embedder Policy header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Embedder-Policy)

  

#### Cross Origin Opener Policy

  

CrossOriginOpenerPolicy class sets the Cross Origin Opener Policy header

  

```python

from fastapi import FastAPI

from Secweb.CrossOriginOpenerPolicy import CrossOriginOpenerPolicy

  

app = FastAPI()

  

app.add_middleware(CrossOriginOpenerPolicy, Option={'Cross-Origin-Opener-Policy': 'unsafe-none'})

  

# OR

  

from starlette.applications import Starlette

from Secweb.CrossOriginOpenerPolicy import CrossOriginOpenerPolicy

  

app = Starlette()

  

app.add_middleware(CrossOriginOpenerPolicy, Option={'Cross-Origin-Opener-Policy': 'unsafe-none'})

```

For more detail on Cross Origin Opener Policy header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy)

  

#### Cross Origin Resource Policy

  

CrossOriginResourcePolicy class sets the Cross Origin Resource Policy header. You have to call the CrossOriginResourcePolicy class explicitly by providing the 'corp' key in the Option dictionary.

  

```python

from fastapi import FastAPI

from Secweb.CrossOriginResourcePolicy import CrossOriginResourcePolicy

  

app = FastAPI()

  

app.add_middleware(CrossOriginResourcePolicy, Option={'Cross-Origin-Resource-Policy': 'same-site'})

  

# OR

  

from starlette.applications import Starlette

from Secweb.CrossOriginResourcePolicy import CrossOriginResourcePolicy

  

app = Starlette()

  

app.add_middleware(CrossOriginResourcePolicy, Option={'Cross-Origin-Resource-Policy': 'same-site'})

```

For more detail on Cross Origin Resource Policy header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Resource-Policy)

  

#### Clear Site Data

  

ClearSiteData class sets the Clear-Site-Data header. In this class the routes array is compulsory so that the header can only be applied to the specified route as it clears every data on the users browser you can add static, dynamic routes like shown below.

  

```python

from fastapi import FastAPI

from Secweb.ClearSiteData import ClearSiteData

  

app = FastAPI()

  

app.add_middleware(ClearSiteData, Option={'cookies': True}, Routes=['/login', '/logout/{id}'])

  

# OR

  

from starlette.applications import Starlette

from Secweb.ClearSiteData import ClearSiteData

  

app = Starlette()

  

app.add_middleware(ClearSiteData, Option={'cookies': True}, Routes=['/login', '/logout/{id}'])

```

For more detail on Clear Site Data Header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Clear-Site-Data)

  

#### Cache Control

  

CacheControl class sets the Cache-Control header. This is useful for controlling cached data on user`s browser

  

```python

from fastapi import FastAPI

from Secweb.CacheControl import CacheControl

  

app = FastAPI()

  

app.add_middleware(CacheControl, Option={'s-maxage': 600, 'public': True})

  

# OR

  

from starlette.applications import Starlette

from Secweb.CacheControl import CacheControl

  

app = Starlette()

  

app.add_middleware(CacheControl, Option={'s-maxage': 600, 'public': True})

```

For more detail on Cache Control Header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control)

  

## Contributing

Pull requests and Issues are welcome. For major changes, please open an issue first to discuss what you would like to change.

  

<br>

  

[Github](https://github.com/tmotagam/Secweb)

  

## License

[MLP 2.0](https://www.mozilla.org/en-US/MPL/2.0/)

  

## Secweb Icon

  

[Secweb Icon](https://github.com/tmotagam/Secweb/blob/main/Secweb.jpg) © 2021 - 2024 by [Motagamwala Taha Arif Ali](https://github.com/tmotagam) is licensed under [Attribution-NonCommercial-NoDerivatives 4.0 International](https://creativecommons.org/licenses/by-nc-nd/4.0/?ref=chooser-v1)

            

Raw data

            {
    "_id": null,
    "home_page": null,
    "name": "Secweb",
    "maintainer": null,
    "docs_url": null,
    "requires_python": ">=3.7",
    "maintainer_email": null,
    "keywords": "fastapi security header, security header, starlette security header, secweb, fastapi csp, starlette csp, csp",
    "author": null,
    "author_email": "Motagamwala Taha Arif Ali <tahaar5321@gmail.com>",
    "download_url": "https://files.pythonhosted.org/packages/a9/0f/54bd3b252bb09ab1e24b64b020f21a18f046e79a0cf81d228ab0e0d08f84/secweb-1.11.0.tar.gz",
    "platform": null,
    "description": "<p  align = \"center\"><img  alt=\"Secweb logo\"  src=\"https://raw.githubusercontent.com/tmotagam/Secweb/main/Secweb.jpg\"></p>\r\n\r\n  \r\n\r\n<p  align=\"center\"><em>Secweb helps in setting security headers for FastApi and Starlette</em></p>\r\n\r\n  \r\n\r\n---\r\n\r\n<br>\r\n\r\n  \r\n\r\nSecweb is the pack of middlewares for setting security headers for fastapi and can also be used for any framework created on starlette it has 16 middlewares for setting headers of your website and also for your api(s).\r\n\r\n  \r\n\r\n#### The PermissionsPolicy middleware lies in development branch [here](https://github.com/tmotagam/Secweb/tree/Secweb-Beta#readme)\r\n\r\n  \r\n\r\nThe list of middleware is as follows:\r\n\r\n  \r\n\r\n1. Content Security Policy (CSP)\r\n\r\n  \r\n\r\n<br>\r\n\r\n  \r\n\r\n2. Origin Agent Cluster\r\n\r\n  \r\n\r\n<br>\r\n\r\n  \r\n\r\n3. Referrer Policy\r\n\r\n  \r\n\r\n<br>\r\n\r\n  \r\n\r\n4. HTTP Strict Transport Security(HSTS)\r\n\r\n  \r\n\r\n<br>\r\n\r\n  \r\n\r\n5. HTTP Strict Transport Security(HSTS) for WebSockets\r\n\r\n  \r\n\r\n<br>\r\n\r\n  \r\n\r\n6. X-Content-Type-Options\r\n\r\n  \r\n\r\n<br>\r\n\r\n  \r\n\r\n7. X-DNS-Prefetch-Control\r\n\r\n  \r\n\r\n<br>\r\n\r\n  \r\n\r\n8. X-Download-Options\r\n\r\n  \r\n\r\n<br>\r\n\r\n  \r\n\r\n9. X-Frame\r\n\r\n  \r\n\r\n<br>\r\n\r\n  \r\n\r\n10. X-Permitted-Cross-Domain-Policies\r\n\r\n  \r\n\r\n<br>\r\n\r\n  \r\n\r\n11. X-XSS-Protection\r\n\r\n  \r\n\r\n<br>\r\n\r\n  \r\n\r\n12. Cross-Origin-Embedder-Policy\r\n\r\n  \r\n\r\n<br>\r\n\r\n  \r\n\r\n13. Cross-Origin-Opener-Policy\r\n\r\n  \r\n\r\n<br>\r\n\r\n  \r\n\r\n14. Cross-Origin-Resource-Policy\r\n\r\n  \r\n\r\n<br>\r\n\r\n  \r\n\r\n15. Clear-Site-Data\r\n\r\n  \r\n\r\n<br>\r\n\r\n  \r\n\r\n16. Cache-Control\r\n\r\n  \r\n\r\n## Requirements\r\n\r\n  \r\n\r\n* [Python >= 3.7](https://www.python.org/downloads/)\r\n\r\n  \r\n\r\n* [Starlette](https://pypi.org/project/starlette/)\r\n\r\n  \r\n\r\n## Installation\r\n\r\n  \r\n\r\n```powershell\r\n\r\npip install Secweb\r\n\r\n```\r\n\r\n## Usage\r\n\r\nThe package Secweb can be used in two different ways\r\n\r\n  \r\n\r\n1. To use SecWeb class it includes all the 16 classes together\r\n\r\n<br>\r\n\r\n  \r\n\r\n2. To use the 16 middleware classes separately\r\n\r\n<br>\r\n\r\n  \r\n\r\n### SecWeb class\r\n\r\n  \r\n\r\n```Python\r\n\r\nfrom Secweb import SecWeb\r\n\r\n  \r\n\r\nSecWeb(app=app) # The app is the ASGIapp required by the starlette to give access to the different methods to the class\r\n\r\n```\r\n\r\nThe above example uses all the default headers value that are are preset you can change the values by creating the option dict you can also set flags for nonce generation for csp header using the `script_nonce=True` and `style_nonce=True` flags also `report_only` flag is added for csp report only header. For Clear-Site-Data header `Routes=[]` array is used for applying the header it is empty by default.\r\n\r\n  \r\n\r\n```Python\r\n\r\nfrom Secweb import SecWeb\r\n\r\n  \r\n\r\nSecWeb(app=app, Option={'referrer': {'Referrer-Policy': 'no-referrer'}}, Routes=[], script_nonce=False, style_nonce=False, report_only=False)\r\n\r\n```\r\n\r\nThe Option uses 16 keys for calling middleware classes to set the user-defined policies or activating\\deactivating header(s).\r\n\r\n##### Note: Activating/Deactivating the header can only be done in SecWeb class in Option param, eg:\r\n\r\n```Python\r\nfrom Secweb import SecWeb\r\n\r\nSecweb(app=app, Option={'referrer': False, 'xframe': False})\r\n```\r\n\r\n\r\nThe values are as follows:\r\n\r\n  \r\n\r\n1.  `'csp'` for calling ContentSecurityPolicy class to set the user-defined values or activate/deactivate the header\r\n\r\n<br>\r\n\r\n  \r\n\r\n2.  `'referrer'` for calling ReferrerPolicy class to set the user-defined values or activate/deactivate the header\r\n\r\n<br>\r\n\r\n  \r\n\r\n3.  `'xdns'` for calling XDNSPrefetchControl class to set the user-defined values or activate/deactivate the header\r\n\r\n<br>\r\n\r\n  \r\n\r\n4.  `'xcdp'` for calling XPermittedCrossDomainPolicies class to set the user-defined values or activate/deactivate the header\r\n\r\n<br>\r\n\r\n  \r\n\r\n5.  `'hsts'` for calling HSTS class to set the user-defined values or activate/deactivate the header\r\n\r\n<br>\r\n\r\n  \r\n\r\n6.  `'wshsts'` for calling WsHSTS class to set the user-defined values for Websockets or activate/deactivate the header\r\n\r\n<br>\r\n\r\n  \r\n\r\n7.  `'xframe'` for calling XFrame class to set the user-defined values or activate/deactivate the header\r\n\r\n<br>\r\n\r\n  \r\n\r\n8.  `'coep'` for calling CrossOriginEmbedderPolicy class to set the user-defined values or activate/deactivate the header\r\n\r\n<br>\r\n\r\n  \r\n\r\n9.  `'coop'` for calling CrossOriginOpenerPolicy class to set the user-defined values or activate/deactivate the header\r\n\r\n<br>\r\n\r\n  \r\n\r\n10.  `'corp'` for calling CrossOriginResourcePolicy class to set the user-defined values or activate/deactivate the header\r\n\r\n<br>\r\n\r\n  \r\n\r\n11.  `'clearSiteData'` for calling ClearSiteData class to set the user-defined values or activate/deactivate the header\r\n\r\n<br>\r\n\r\n  \r\n\r\n12.  `'cacheControl'` for calling CacheControl class to set the user-defined values or activate/deactivate the header\r\n\r\n<br>\r\n\r\n13. `'xcto'` for activating/deactivating X-Content-Type-Options header\r\n\r\n<br>\r\n\r\n14. `'xdo'` for activating/deactivating X-Download-Options header\r\n\r\n<br>\r\n\r\n15. `'xss'` for activating/deactivating x-xss-protection header\r\n\r\n<br>\r\n\r\n16. `'oac'` for activating/deactivating Origin-Agent-Cluster header\r\n\r\n```python\r\n\r\n# Example of the values\r\n\r\nSecWeb(app=app, Option={'csp': {'default-src': [\"'self'\"]}, 'xframe': {'X-Frame-Options': 'SAMEORIGIN'}, 'hsts': {'max-age': 4, 'preload': True}, 'wshsts': {'max-age': 10, 'preload': True},'xcdp': {'X-Permitted-Cross-Domain-Policies': 'all'}, 'xdns': {'X-DNS-Prefetch-Control': 'on'}, 'referrer': {'Referrer-Policy': 'no-referrer'}, 'coep': {'Cross-Origin-Embedder-Policy': 'require-corp'}, 'coop': {'Cross-Origin-Opener-Policy': 'same-origin-allow-popups'}, 'corp': {'Cross-Origin-Resource-Policy': 'same-site'}, 'clearSiteData': {'cache': True, 'storage': True}, 'cacheControl': {'public': True, 's-maxage': 600}, 'xss': False}, Routes=['/login/{id}', '/logout/{id:uuid}/username/{username:string}'])\r\n\r\n```\r\n\r\n### Middleware Classes\r\n\r\n  \r\n\r\n#### Content Security Policy (CSP)\r\n\r\n  \r\n\r\nContentSecurityPolicy class sets the csp header\r\n\r\n  \r\n\r\nThe Nonce_Processor module generates nonce for csp header\r\n\r\n  \r\n\r\nNonce Processor\r\n\r\n  \r\n\r\n```python\r\n\r\n# Some Code\r\n\r\nnonce = Nonce_Processor(DEFAULT_ENTROPY=90) # inject the nonce variable into the jinja or html\r\n\r\n# Some Code\r\n\r\n```\r\n\r\nDEFAULT_ENTROPY is used to set the nonce length.\r\n\r\nThe nonce processor needs to be called on the route the following example is of FastApi calling the nonce processor on the route\r\n\r\n  \r\n\r\n```python\r\n\r\nfrom fastapi import FastAPI\r\n\r\nfrom Secweb.ContentSecurityPolicy import Nonce_Processor\r\n\r\n  \r\n\r\napp = FastAPI()\r\n\r\n  \r\n  \r\n\r\n@app.get(\"/\")\r\n\r\nasync  def  root():\r\n\r\n# some code\r\n\r\nnonce = Nonce_Processor(DEFAULT_ENTROPY=90) # inject the nonce variable into the jinja or html\r\n\r\n# some more code\r\n\r\n```\r\n\r\nContentSecurityPolicy\r\n\r\n  \r\n\r\nThis is for the FastApi\r\n\r\n  \r\n\r\n```python\r\n\r\nfrom fastapi import FastAPI\r\n\r\nfrom Secweb.ContentSecurityPolicy import Nonce_Processor\r\n\r\n  \r\n\r\napp = FastAPI()\r\n\r\n  \r\n\r\napp.add_middleware(ContentSecurityPolicy, Option={'default-src': [\"'self'\"], 'base-uri': [\"'self'\"], 'block-all-mixed-content': []}, script_nonce=False, style_nonce=False, report_only=False)\r\n\r\n```\r\n\r\n  \r\n\r\nThis is for the Starlette\r\n\r\n  \r\n\r\n```python\r\n\r\nfrom starlette.applications import Starlette\r\n\r\nfrom Secweb.ContentSecurityPolicy import Nonce_Processor\r\n\r\n  \r\n\r\napp = Starlette()\r\n\r\n  \r\n\r\napp.add_middleware(ContentSecurityPolicy, Option={'default-src': [\"'self'\"], 'base-uri': [\"'self'\"], 'block-all-mixed-content': []}, script_nonce=False, style_nonce=False, report_only=False)\r\n\r\n```\r\n\r\nscript_nonce=False This is the nonce flag for inline Js\r\n\r\n  \r\n\r\nstyle_nonce=False This is the nonce flag for inline css\r\n\r\n\r\n\r\nreport_only=False This is the report only flag which makes csp report only header\r\n\r\n\r\nFor more detail on CSP header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy)\r\n\r\n\r\nFor more detail on CSP-report-only header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only)\r\n\r\n  \r\n\r\n#### Origin Agent Cluster\r\n\r\n  \r\n\r\nOriginAgentCluster class sets the Origin-Agent-Cluster header the class takes no parameters\r\n\r\n  \r\n\r\n```python\r\n\r\nfrom fastapi import FastAPI\r\n\r\nfrom Secweb.OriginAgentCluster import OriginAgentCluster\r\n\r\n  \r\n\r\napp = FastAPI()\r\n\r\n  \r\n\r\napp.add_middleware(OriginAgentCluster)\r\n\r\n  \r\n\r\n# OR\r\n\r\n  \r\n\r\nfrom starlette.applications import Starlette\r\n\r\nfrom Secweb.OriginAgentCluster import OriginAgentCluster\r\n\r\n  \r\n\r\napp = Starlette()\r\n\r\n  \r\n\r\napp.add_middleware(OriginAgentCluster)\r\n\r\n```\r\n\r\nFor more detail on Origin-Agent-Cluster header go to this [WHATWG Site](https://html.spec.whatwg.org/multipage/origin.html#origin-keyed-agent-clusters)\r\n\r\n  \r\n\r\n#### Referrer Policy\r\n\r\n  \r\n\r\nReferrerPolicy class sets the Referrer-Policy header\r\n\r\n  \r\n\r\n```python\r\n\r\nfrom fastapi import FastAPI\r\n\r\nfrom Secweb.ReferrerPolicy import ReferrerPolicy\r\n\r\n  \r\n\r\napp = FastAPI()\r\n\r\n  \r\n\r\napp.add_middleware(ReferrerPolicy, Option={'Referrer-Policy': 'strict-origin-when-cross-origin'})\r\n\r\n  \r\n\r\n# OR\r\n\r\n  \r\n\r\nfrom starlette.applications import Starlette\r\n\r\nfrom Secweb.ReferrerPolicy import ReferrerPolicy\r\n\r\n  \r\n\r\napp = Starlette()\r\n\r\n  \r\n\r\napp.add_middleware(ReferrerPolicy, Option={'Referrer-Policy': 'strict-origin-when-cross-origin'})\r\n\r\n```\r\n\r\nFor more detail on Referrer-Policy header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy)\r\n\r\n  \r\n\r\n#### HTTP Strict Transport Security (HSTS)\r\n\r\n  \r\n\r\nHSTS class sets the Strict-Transport-Security header\r\n\r\n  \r\n\r\n```python\r\n\r\nfrom fastapi import FastAPI\r\n\r\nfrom Secweb.StrictTransportSecurity import HSTS\r\n\r\n  \r\n\r\napp = FastAPI()\r\n\r\n  \r\n\r\napp.add_middleware(HSTS, Option={'max-age': 4, 'preload': True})\r\n\r\n  \r\n\r\n# OR\r\n\r\n  \r\n\r\nfrom starlette.applications import Starlette\r\n\r\nfrom Secweb.StrictTransportSecurity import HSTS\r\n\r\n  \r\n\r\napp = Starlette()\r\n\r\n  \r\n\r\napp.add_middleware(HSTS, Option={'max-age': 4, 'preload': True})\r\n\r\n```\r\n\r\nFor more detail on Strict-Transport-Security header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security)\r\n\r\n  \r\n\r\n#### HTTP Strict Transport Security (HSTS) for WebSockets\r\n\r\n  \r\n\r\nHSTS class sets the Strict-Transport-Security header for Websockets\r\n\r\n  \r\n\r\n```python\r\n\r\nfrom fastapi import FastAPI\r\n\r\nfrom Secweb.WsStrictTransportSecurity import WsHSTS\r\n\r\n  \r\n\r\napp = FastAPI()\r\n\r\n  \r\n\r\napp.add_middleware(WsHSTS, Option={'max-age': 4, 'preload': True})\r\n\r\n  \r\n\r\n# OR\r\n\r\n  \r\n\r\nfrom starlette.applications import Starlette\r\n\r\nfrom Secweb.WsStrictTransportSecurity import WsHSTS\r\n\r\n  \r\n\r\napp = Starlette()\r\n\r\n  \r\n\r\napp.add_middleware(WsHSTS, Option={'max-age': 4, 'preload': True})\r\n\r\n```\r\n\r\nFor more detail on Strict-Transport-Security header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security)\r\n\r\n  \r\n\r\n#### X-Content-Type-Options\r\n\r\n  \r\n\r\nXContentTypeOptions class sets the X-Content-Type-Options header the class takes no parameters\r\n\r\n  \r\n\r\n```python\r\n\r\nfrom fastapi import FastAPI\r\n\r\nfrom Secweb.XContentTypeOptions import XContentTypeOptions\r\n\r\n  \r\n\r\napp = FastAPI()\r\n\r\n  \r\n\r\napp.add_middleware(XContentTypeOptions)\r\n\r\n  \r\n\r\n# OR\r\n\r\n  \r\n\r\nfrom starlette.applications import Starlette\r\n\r\nfrom Secweb.XContentTypeOptions import XContentTypeOptions\r\n\r\n  \r\n\r\napp = Starlette()\r\n\r\n  \r\n\r\napp.add_middleware(XContentTypeOptions)\r\n\r\n```\r\n\r\nFor more detail on X-Content-Type-Options header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options)\r\n\r\n  \r\n\r\n#### X-DNS-Prefetch-Control\r\n\r\n  \r\n\r\nXDNSPrefetchControl class sets the X-DNS-Prefetch-Control header\r\n\r\n  \r\n\r\n```python\r\n\r\nfrom fastapi import FastAPI\r\n\r\nfrom Secweb.XDNSPrefetchControl import XDNSPrefetchControl\r\n\r\n  \r\n\r\napp = FastAPI()\r\n\r\n  \r\n\r\napp.add_middleware(XDNSPrefetchControl, Option={'X-DNS-Prefetch-Control': 'on'})\r\n\r\n  \r\n\r\n# OR\r\n\r\n  \r\n\r\nfrom starlette.applications import Starlette\r\n\r\nfrom Secweb.XDNSPrefetchControl import XDNSPrefetchControl\r\n\r\n  \r\n\r\napp = Starlette()\r\n\r\n  \r\n\r\napp.add_middleware(XDNSPrefetchControl, Option={'X-DNS-Prefetch-Control': 'off'})\r\n\r\n```\r\n\r\nFor more detail on X-DNS-Prefetch-Control header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control)\r\n\r\n  \r\n\r\n#### X-Download-Options\r\n\r\n  \r\n\r\nXDownloadOptions class sets the X-Download-Options header the class takes no parameter\r\n\r\n  \r\n\r\n```python\r\n\r\nfrom fastapi import FastAPI\r\n\r\nfrom Secweb.XDownloadOptions import XDownloadOptions\r\n\r\n  \r\n\r\napp = FastAPI()\r\n\r\n  \r\n\r\napp.add_middleware(XDownloadOptions)\r\n\r\n  \r\n\r\n# OR\r\n\r\n  \r\n\r\nfrom starlette.applications import Starlette\r\n\r\nfrom Secweb.XDownloadOptions import XDownloadOptions\r\n\r\n  \r\n\r\napp = Starlette()\r\n\r\n  \r\n\r\napp.add_middleware(XDownloadOptions)\r\n\r\n```\r\n\r\n  \r\n\r\n#### X-Frame\r\n\r\n  \r\n\r\nXFrame class sets the X-Frame-Options header\r\n\r\n  \r\n\r\n```python\r\n\r\nfrom fastapi import FastAPI\r\n\r\nfrom Secweb.XFrameOptions import XFrame\r\n\r\n  \r\n\r\napp = FastAPI()\r\n\r\n  \r\n\r\napp.add_middleware(XFrame, Option={'X-Frame-Options': 'DENY'})\r\n\r\n  \r\n\r\n# OR\r\n\r\n  \r\n\r\nfrom starlette.applications import Starlette\r\n\r\nfrom Secweb.XFrameOptions import XFrame\r\n\r\n  \r\n\r\napp = Starlette()\r\n\r\n  \r\n\r\napp.add_middleware(XFrame, Option={'X-Frame-Options': 'DENY'})\r\n\r\n```\r\n\r\nFor more detail on X-Frame-Options header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options)\r\n\r\n  \r\n\r\n#### X-Permitted-Cross-Domain-Policies\r\n\r\n  \r\n\r\nXPermittedCrossDomainPolicies class sets the X-Permitted-Cross-Domain-Policies header\r\n\r\n  \r\n\r\n```python\r\n\r\nfrom fastapi import FastAPI\r\n\r\nfrom Secweb.XPermittedCrossDomainPolicies import XPermittedCrossDomainPolicies\r\n\r\n  \r\n\r\napp = FastAPI()\r\n\r\n  \r\n\r\napp.add_middleware(XPermittedCrossDomainPolicies, Option={'X-Permitted-Cross-Domain-Policies': 'none'})\r\n\r\n  \r\n\r\n# OR\r\n\r\n  \r\n\r\nfrom starlette.applications import Starlette\r\n\r\nfrom Secweb.XPermittedCrossDomainPolicies import XPermittedCrossDomainPolicies\r\n\r\n  \r\n\r\napp = Starlette()\r\n\r\n  \r\n\r\napp.add_middleware(XPermittedCrossDomainPolicies, Option={'X-Permitted-Cross-Domain-Policies': 'none'})\r\n\r\n```\r\n\r\nFor more detail on X-Permitted-Cross-Domain-Policies header go to this [OWASP Site](https://owasp.org/www-project-secure-headers/#x-permitted-cross-domain-policies)\r\n\r\n  \r\n\r\n#### X-XSS-Protection\r\n\r\n  \r\n\r\nxXSSProtection class sets the X-XSS-Protection header the class takes no parameter\r\n\r\n  \r\n\r\n```python\r\n\r\nfrom fastapi import FastAPI\r\n\r\nfrom Secweb.xXSSProtection import xXSSProtection\r\n\r\n  \r\n\r\napp = FastAPI()\r\n\r\n  \r\n\r\napp.add_middleware(xXSSProtection)\r\n\r\n  \r\n\r\n# OR\r\n\r\n  \r\n\r\nfrom starlette.applications import Starlette\r\n\r\nfrom Secweb.xXSSProtection import xXSSProtection\r\n\r\n  \r\n\r\napp = Starlette()\r\n\r\n  \r\n\r\napp.add_middleware(xXSSProtection)\r\n\r\n```\r\n\r\nFor more detail on X-XSS-Protection header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection)\r\n\r\n  \r\n\r\n#### Cross Origin Embedder Policy\r\n\r\n  \r\n\r\nCrossOriginEmbedderPolicy class sets the Cross Origin Embedder Policy header\r\n\r\n  \r\n\r\n```python\r\n\r\nfrom fastapi import FastAPI\r\n\r\nfrom Secweb.CrossOriginEmbedderPolicy import CrossOriginEmbedderPolicy\r\n\r\n  \r\n\r\napp = FastAPI()\r\n\r\n  \r\n\r\napp.add_middleware(CrossOriginEmbedderPolicy, Option={'Cross-Origin-Embedder-Policy': 'unsafe-none'})\r\n\r\n  \r\n\r\n# OR\r\n\r\n  \r\n\r\nfrom starlette.applications import Starlette\r\n\r\nfrom Secweb.CrossOriginEmbedderPolicy import CrossOriginEmbedderPolicy\r\n\r\n  \r\n\r\napp = Starlette()\r\n\r\n  \r\n\r\napp.add_middleware(CrossOriginEmbedderPolicy, Option={'Cross-Origin-Embedder-Policy': 'unsafe-none'})\r\n\r\n```\r\n\r\nFor more detail on Cross Origin Embedder Policy header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Embedder-Policy)\r\n\r\n  \r\n\r\n#### Cross Origin Opener Policy\r\n\r\n  \r\n\r\nCrossOriginOpenerPolicy class sets the Cross Origin Opener Policy header\r\n\r\n  \r\n\r\n```python\r\n\r\nfrom fastapi import FastAPI\r\n\r\nfrom Secweb.CrossOriginOpenerPolicy import CrossOriginOpenerPolicy\r\n\r\n  \r\n\r\napp = FastAPI()\r\n\r\n  \r\n\r\napp.add_middleware(CrossOriginOpenerPolicy, Option={'Cross-Origin-Opener-Policy': 'unsafe-none'})\r\n\r\n  \r\n\r\n# OR\r\n\r\n  \r\n\r\nfrom starlette.applications import Starlette\r\n\r\nfrom Secweb.CrossOriginOpenerPolicy import CrossOriginOpenerPolicy\r\n\r\n  \r\n\r\napp = Starlette()\r\n\r\n  \r\n\r\napp.add_middleware(CrossOriginOpenerPolicy, Option={'Cross-Origin-Opener-Policy': 'unsafe-none'})\r\n\r\n```\r\n\r\nFor more detail on Cross Origin Opener Policy header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy)\r\n\r\n  \r\n\r\n#### Cross Origin Resource Policy\r\n\r\n  \r\n\r\nCrossOriginResourcePolicy class sets the Cross Origin Resource Policy header. You have to call the CrossOriginResourcePolicy class explicitly by providing the 'corp' key in the Option dictionary.\r\n\r\n  \r\n\r\n```python\r\n\r\nfrom fastapi import FastAPI\r\n\r\nfrom Secweb.CrossOriginResourcePolicy import CrossOriginResourcePolicy\r\n\r\n  \r\n\r\napp = FastAPI()\r\n\r\n  \r\n\r\napp.add_middleware(CrossOriginResourcePolicy, Option={'Cross-Origin-Resource-Policy': 'same-site'})\r\n\r\n  \r\n\r\n# OR\r\n\r\n  \r\n\r\nfrom starlette.applications import Starlette\r\n\r\nfrom Secweb.CrossOriginResourcePolicy import CrossOriginResourcePolicy\r\n\r\n  \r\n\r\napp = Starlette()\r\n\r\n  \r\n\r\napp.add_middleware(CrossOriginResourcePolicy, Option={'Cross-Origin-Resource-Policy': 'same-site'})\r\n\r\n```\r\n\r\nFor more detail on Cross Origin Resource Policy header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Resource-Policy)\r\n\r\n  \r\n\r\n#### Clear Site Data\r\n\r\n  \r\n\r\nClearSiteData class sets the Clear-Site-Data header. In this class the routes array is compulsory so that the header can only be applied to the specified route as it clears every data on the users browser you can add static, dynamic routes like shown below.\r\n\r\n  \r\n\r\n```python\r\n\r\nfrom fastapi import FastAPI\r\n\r\nfrom Secweb.ClearSiteData import ClearSiteData\r\n\r\n  \r\n\r\napp = FastAPI()\r\n\r\n  \r\n\r\napp.add_middleware(ClearSiteData, Option={'cookies': True}, Routes=['/login', '/logout/{id}'])\r\n\r\n  \r\n\r\n# OR\r\n\r\n  \r\n\r\nfrom starlette.applications import Starlette\r\n\r\nfrom Secweb.ClearSiteData import ClearSiteData\r\n\r\n  \r\n\r\napp = Starlette()\r\n\r\n  \r\n\r\napp.add_middleware(ClearSiteData, Option={'cookies': True}, Routes=['/login', '/logout/{id}'])\r\n\r\n```\r\n\r\nFor more detail on Clear Site Data Header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Clear-Site-Data)\r\n\r\n  \r\n\r\n#### Cache Control\r\n\r\n  \r\n\r\nCacheControl class sets the Cache-Control header. This is useful for controlling cached data on user`s browser\r\n\r\n  \r\n\r\n```python\r\n\r\nfrom fastapi import FastAPI\r\n\r\nfrom Secweb.CacheControl import CacheControl\r\n\r\n  \r\n\r\napp = FastAPI()\r\n\r\n  \r\n\r\napp.add_middleware(CacheControl, Option={'s-maxage': 600, 'public': True})\r\n\r\n  \r\n\r\n# OR\r\n\r\n  \r\n\r\nfrom starlette.applications import Starlette\r\n\r\nfrom Secweb.CacheControl import CacheControl\r\n\r\n  \r\n\r\napp = Starlette()\r\n\r\n  \r\n\r\napp.add_middleware(CacheControl, Option={'s-maxage': 600, 'public': True})\r\n\r\n```\r\n\r\nFor more detail on Cache Control Header go to this [MDN Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control)\r\n\r\n  \r\n\r\n## Contributing\r\n\r\nPull requests and Issues are welcome. For major changes, please open an issue first to discuss what you would like to change.\r\n\r\n  \r\n\r\n<br>\r\n\r\n  \r\n\r\n[Github](https://github.com/tmotagam/Secweb)\r\n\r\n  \r\n\r\n## License\r\n\r\n[MLP 2.0](https://www.mozilla.org/en-US/MPL/2.0/)\r\n\r\n  \r\n\r\n## Secweb Icon\r\n\r\n  \r\n\r\n[Secweb Icon](https://github.com/tmotagam/Secweb/blob/main/Secweb.jpg) \u00a9 2021 - 2024 by [Motagamwala Taha Arif Ali](https://github.com/tmotagam) is licensed under [Attribution-NonCommercial-NoDerivatives 4.0 International](https://creativecommons.org/licenses/by-nc-nd/4.0/?ref=chooser-v1)\r\n",
    "bugtrack_url": null,
    "license": null,
    "summary": "Secweb is a pack of security middlewares for fastApi and starlette servers it includes CSP, HSTS, and many more",
    "version": "1.11.0",
    "project_urls": {
        "Documentation": "https://github.com/tmotagam/Secweb#readme",
        "Homepage": "https://github.com/tmotagam/Secweb",
        "Issues": "https://github.com/tmotagam/Secweb/issues",
        "Repository": "https://github.com/tmotagam/Secweb.git"
    },
    "split_keywords": [
        "fastapi security header",
        " security header",
        " starlette security header",
        " secweb",
        " fastapi csp",
        " starlette csp",
        " csp"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "381607e06931901709b67194b93334ad85460b255d972e97270fe31f843b84d0",
                "md5": "653955b62e5354562d8a924c56f89d4b",
                "sha256": "2e398e65f053488e1c2caa79b5dc285f3c7ba5c639da49f2648dc41a04e59781"
            },
            "downloads": -1,
            "filename": "Secweb-1.11.0-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "653955b62e5354562d8a924c56f89d4b",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": ">=3.7",
            "size": 39075,
            "upload_time": "2024-06-18T06:57:07",
            "upload_time_iso_8601": "2024-06-18T06:57:07.584457Z",
            "url": "https://files.pythonhosted.org/packages/38/16/07e06931901709b67194b93334ad85460b255d972e97270fe31f843b84d0/Secweb-1.11.0-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "a90f54bd3b252bb09ab1e24b64b020f21a18f046e79a0cf81d228ab0e0d08f84",
                "md5": "deb3272cb6217fd3f2bc9604e4083cf7",
                "sha256": "76fd7971209faa576e9a634810c7b29035eaa23abea611ee9c7b78b9337d5f7d"
            },
            "downloads": -1,
            "filename": "secweb-1.11.0.tar.gz",
            "has_sig": false,
            "md5_digest": "deb3272cb6217fd3f2bc9604e4083cf7",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.7",
            "size": 25518,
            "upload_time": "2024-06-18T06:57:11",
            "upload_time_iso_8601": "2024-06-18T06:57:11.650226Z",
            "url": "https://files.pythonhosted.org/packages/a9/0f/54bd3b252bb09ab1e24b64b020f21a18f046e79a0cf81d228ab0e0d08f84/secweb-1.11.0.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2024-06-18 06:57:11",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "tmotagam",
    "github_project": "Secweb#readme",
    "travis_ci": false,
    "coveralls": false,
    "github_actions": false,
    "lcname": "secweb"
}
        
Elapsed time: 0.25273s