actix_http/header/
common.rs

1//! Common header names not defined in [`http`].
2//!
3//! Any headers added to this file will need to be re-exported from the list at `crate::headers`.
4
5use http::header::HeaderName;
6
7/// Response header field that indicates how caches have handled that response and its corresponding
8/// request.
9///
10/// See [RFC 9211](https://www.rfc-editor.org/rfc/rfc9211) for full semantics.
11// TODO(breaking): replace with http's version
12pub const CACHE_STATUS: HeaderName = HeaderName::from_static("cache-status");
13
14/// Response header field that allows origin servers to control the behavior of CDN caches
15/// interposed between them and clients separately from other caches that might handle the response.
16///
17/// See [RFC 9213](https://www.rfc-editor.org/rfc/rfc9213) for full semantics.
18// TODO(breaking): replace with http's version
19pub const CDN_CACHE_CONTROL: HeaderName = HeaderName::from_static("cdn-cache-control");
20
21/// Response header that prevents a document from loading any cross-origin resources that don't
22/// explicitly grant the document permission (using [CORP] or [CORS]).
23///
24/// [CORP]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy_(CORP)
25/// [CORS]: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
26pub const CROSS_ORIGIN_EMBEDDER_POLICY: HeaderName =
27    HeaderName::from_static("cross-origin-embedder-policy");
28
29/// Response header that allows you to ensure a top-level document does not share a browsing context
30/// group with cross-origin documents.
31pub const CROSS_ORIGIN_OPENER_POLICY: HeaderName =
32    HeaderName::from_static("cross-origin-opener-policy");
33
34/// Response header that conveys a desire that the browser blocks no-cors cross-origin/cross-site
35/// requests to the given resource.
36pub const CROSS_ORIGIN_RESOURCE_POLICY: HeaderName =
37    HeaderName::from_static("cross-origin-resource-policy");
38
39/// Response header that provides a mechanism to allow and deny the use of browser features in a
40/// document or within any `<iframe>` elements in the document.
41pub const PERMISSIONS_POLICY: HeaderName = HeaderName::from_static("permissions-policy");
42
43/// Request header (de-facto standard) for identifying the originating IP address of a client
44/// connecting to a web server through a proxy server.
45pub const X_FORWARDED_FOR: HeaderName = HeaderName::from_static("x-forwarded-for");
46
47/// Request header (de-facto standard) for identifying the original host requested by the client in
48/// the `Host` HTTP request header.
49pub const X_FORWARDED_HOST: HeaderName = HeaderName::from_static("x-forwarded-host");
50
51/// Request header (de-facto standard) for identifying the protocol that a client used to connect to
52/// your proxy or load balancer.
53pub const X_FORWARDED_PROTO: HeaderName = HeaderName::from_static("x-forwarded-proto");