modulepackage
0.0.0-20210407125106-11af2ba796d3
Repository: https://github.com/lmas/web.git
Documentation: pkg.go.dev
# README
web
Yet another minimal and personal DIY web framework for golang.
Goals
-
Security
Safe by default, using documented best practices
-
Minimalism
Cherry-picking of features, avoiding 3rd party dependecies
-
Sane Defaults
Minimal configuration required, good performance without ugly hacks
Status
Under development.
License
MIT licensed. See the LICENSE file for details.
References
Security
-
General web security recommendations (feels up to date, lot's of http headers available)
https://almanac.httparchive.org/en/2020/security https://owasp.org/www-project-secure-headers/
-
Go web server recommendations (somewhat out of date?)
https://blog.cloudflare.com/exposing-go-on-the-internet/ https://juliensalinas.com/en/security-golang-website/
-
TLS best practices (and with a good config generator)
https://wiki.mozilla.org/Security/Server_Side_TLS https://www.ssllabs.com/ssl-pulse/
-
Go's TLS defaults (cipher suits etc.)
https://go.googlesource.com/go/+blame/go1.15.6/src/crypto/tls/common.go
-
Checking for issues in the source code
https://github.com/golang/lint https://github.com/securego/gosec
# Packages
No description provided by the author
# Functions
LoadTemplates is a helper for quickly loading template files from a dir (using a filepath.Glob pattern) and an optional FuncMap.
LoadTemplatesWithLayout works basicly in the same way as LoadTemplates, except (!) the first template will be used as the base layout for the other templates.
NewMux returns a new Mux that implements the http.Handler interface and can be run with http.ListenAndServe(":8000", handler).
NewServer creates and sets up a new http.Server, using safe settings that should make it safer to expose to the internet.
SimpleErrorHandler is the default handler for handling handler errors (that sounded sick).
SimpleNotFoundHandler is the default "404 not found" handler.
# Variables
ErrInvalidTemplate is returned when you try to render a template with an unknown name.
# Structs
Context is a convenience struct for easing the handling of a http request.
Error is a custom error which also contains a http status code.
Mux implements the http.Handler interface and allows you to easily register handlers and middleware with sane defaults.
MuxOptions contains all the optional settings for a Mux.
ServerOptions contaisn settings that will be used when creating a new, secure http.Server (via NewServer()).
# Type aliases
ErrorHandler is a sort of a Handler, but it also takes an error.
Handler is a shorter convenience function signature for http handlers, instead of func(http.ResponseWriter, *http.Request).
Middleware is a function signature used when wrapping a Handler in one or many Handler middlewares.
RegisterFunc is a function signature used when you want to register multiple handlers under a common URL path.