Package collector provides a function for creating violation report handlers.

Package coop provides Cross-Origin-Opener-Policy protection.

Package cors provides a safehttp.Interceptor that handles CORS requests.

Package csp provides a safehttp.Interceptor which applies Content-Security Policies to responses.

Package fetchmetadata provides Fetch-Metadata based protections.

Package framing provides utilities to install a comprehensive framing protection.

Package hostcheck provides a plugin that checks whether the request is intended to be sent to a given host.

Package hsts provides HTTP Strict Transport Security.

Package htmlinject provides utilities to pre-process HTML templates and inject additional parts into them before parsing.

Package reportingapi is an implementation of the Report-To header described in https://www.w3.org/TR/reporting/#header.

Package staticheaders provides a safehttp.Interceptor which sets security sensitive headers on every response.

Package xsrf contains helper functions for the safehttp.Interceptor that provide protection against Cross-Site Request Forgery attacks.