Categorygithub.com/lmas/web
modulepackage
0.0.0-20210407125106-11af2ba796d3
Repository: https://github.com/lmas/web.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
16
Dependents
1
Files
432 SLOC

# README

web

PkgGoDev Tests

Yet another minimal and personal DIY web framework for golang.

Goals

  • Security

      Safe by default, using documented best practices

  • Minimalism

      Cherry-picking of features, avoiding 3rd party dependecies

  • Sane Defaults

      Minimal configuration required, good performance without ugly hacks

Status

Under development.

License

MIT licensed. See the LICENSE file for details.

References

Security

  • General web security recommendations (feels up to date, lot's of http headers available)

      https://almanac.httparchive.org/en/2020/security
  https://owasp.org/www-project-secure-headers/

  • Go web server recommendations (somewhat out of date?)

      https://blog.cloudflare.com/exposing-go-on-the-internet/
  https://juliensalinas.com/en/security-golang-website/

  • TLS best practices (and with a good config generator)

      https://wiki.mozilla.org/Security/Server_Side_TLS
  https://www.ssllabs.com/ssl-pulse/

  • Go's TLS defaults (cipher suits etc.)

      https://go.googlesource.com/go/+blame/go1.15.6/src/crypto/tls/common.go

  • Checking for issues in the source code

      https://github.com/golang/lint
  https://github.com/securego/gosec

# Packages

No description provided by the author

# Functions

LoadTemplates is a helper for quickly loading template files from a dir (using a filepath.Glob pattern) and an optional FuncMap.
LoadTemplatesWithLayout works basicly in the same way as LoadTemplates, except (!) the first template will be used as the base layout for the other templates.
NewMux returns a new Mux that implements the http.Handler interface and can be run with http.ListenAndServe(":8000", handler).
NewServer creates and sets up a new http.Server, using safe settings that should make it safer to expose to the internet.
SimpleErrorHandler is the default handler for handling handler errors (that sounded sick).
SimpleNotFoundHandler is the default "404 not found" handler.

# Variables

ErrInvalidTemplate is returned when you try to render a template with an unknown name.

# Structs

Context is a convenience struct for easing the handling of a http request.
Error is a custom error which also contains a http status code.
Mux implements the http.Handler interface and allows you to easily register handlers and middleware with sane defaults.
MuxOptions contains all the optional settings for a Mux.
ServerOptions contaisn settings that will be used when creating a new, secure http.Server (via NewServer()).

# Type aliases

ErrorHandler is a sort of a Handler, but it also takes an error.
Handler is a shorter convenience function signature for http handlers, instead of func(http.ResponseWriter, *http.Request).
Middleware is a function signature used when wrapping a Handler in one or many Handler middlewares.
RegisterFunc is a function signature used when you want to register multiple handlers under a common URL path.