Skip to content

cadre/secure.py

BranchesTags
ย 
ย 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ย 

History

40 Commits
docs
docs
ย 
ย 
secure
secure
ย 
ย 
.gitignore
.gitignore
ย 
ย 
.travis.yml
.travis.yml
ย 
ย 
LICENSE
LICENSE
ย 
ย 
MANIFEST.in
MANIFEST.in
ย 
ย 
README.md
README.md
ย 
ย 
dev-requirements.txt
dev-requirements.txt
ย 
ย 
setup.py
setup.py
ย 
ย 

Repository files navigation

secure.py

image Python 3 image image

secure.py ๐Ÿ”’ is a lightweight package that adds optional security headers and cookie attributes for Python web frameworks.

Supported Python web frameworks:

aiohttp, Bottle, CherryPy, Django, Falcon, Flask, hug, Masonite, Pyramid, Quart, Responder, Sanic, Starlette, Tornado

Install

pip:

$ pip install secure

Pipenv:

$ pipenv install secure

After installing secure:

from secure import SecureHeaders, SecureCookie

secure_headers = SecureHeaders()
secure_cookie = SecureCookie()

Secure Headers

Example

secure_headers.framework(response)

Default HTTP response headers:

Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
Cache-control: no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Expires: 0

Secure Cookie

Example

secure_cookie.framework(response, name="spam", value="eggs")

Default Set-Cookie HTTP response header:

Set-Cookie: spam=eggs; Path=/; secure; HttpOnly; SameSite=lax

Documentation

Please see the full set of documentation at https://secure.readthedocs.io

Resources

About

Secure ๐Ÿ”’ headers and cookies for Python web frameworks

secure.rtfd.io

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages

  • Python 100.0%