actix_http/header/
common.rs

1//! Common header names not defined in [`http`].
2//!
3//! Any headers added to this file will need to be re-exported from the list at `crate::headers`.
4
5use http::header::HeaderName;
6
7/// Response header field that indicates how caches have handled that response and its corresponding
8/// request.
9///
10/// See [RFC 9211](https://www.rfc-editor.org/rfc/rfc9211) for full semantics.
11// TODO(breaking): replace with http's version
12pub const CACHE_STATUS: HeaderName = HeaderName::from_static("cache-status");
13
14/// Response header field that allows origin servers to control the behavior of CDN caches
15/// interposed between them and clients separately from other caches that might handle the response.
16///
17/// See [RFC 9213](https://www.rfc-editor.org/rfc/rfc9213) for full semantics.
18// TODO(breaking): replace with http's version
19pub const CDN_CACHE_CONTROL: HeaderName = HeaderName::from_static("cdn-cache-control");
20
21/// Response header field that sends a signal to the user agent that it ought to remove all data of
22/// a certain set of types.
23///
24/// See the [W3C Clear-Site-Data spec] for full semantics.
25///
26/// [W3C Clear-Site-Data spec]: https://www.w3.org/TR/clear-site-data/#header
27pub const CLEAR_SITE_DATA: HeaderName = HeaderName::from_static("clear-site-data");
28
29/// Response header that prevents a document from loading any cross-origin resources that don't
30/// explicitly grant the document permission (using [CORP] or [CORS]).
31///
32/// [CORP]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy_(CORP)
33/// [CORS]: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
34pub const CROSS_ORIGIN_EMBEDDER_POLICY: HeaderName =
35    HeaderName::from_static("cross-origin-embedder-policy");
36
37/// Response header that allows you to ensure a top-level document does not share a browsing context
38/// group with cross-origin documents.
39pub const CROSS_ORIGIN_OPENER_POLICY: HeaderName =
40    HeaderName::from_static("cross-origin-opener-policy");
41
42/// Response header that conveys a desire that the browser blocks no-cors cross-origin/cross-site
43/// requests to the given resource.
44pub const CROSS_ORIGIN_RESOURCE_POLICY: HeaderName =
45    HeaderName::from_static("cross-origin-resource-policy");
46
47/// Response header that provides a mechanism to allow and deny the use of browser features in a
48/// document or within any `<iframe>` elements in the document.
49pub const PERMISSIONS_POLICY: HeaderName = HeaderName::from_static("permissions-policy");
50
51/// Request header (de-facto standard) for identifying the originating IP address of a client
52/// connecting to a web server through a proxy server.
53pub const X_FORWARDED_FOR: HeaderName = HeaderName::from_static("x-forwarded-for");
54
55/// Request header (de-facto standard) for identifying the original host requested by the client in
56/// the `Host` HTTP request header.
57pub const X_FORWARDED_HOST: HeaderName = HeaderName::from_static("x-forwarded-host");
58
59/// Request header (de-facto standard) for identifying the protocol that a client used to connect to
60/// your proxy or load balancer.
61pub const X_FORWARDED_PROTO: HeaderName = HeaderName::from_static("x-forwarded-proto");