pub fn defence_in_depth_layer(
csp: ContentSecurityPolicy,
) -> (SetResponseHeaderLayer<Option<HeaderValue>>, SetResponseHeaderLayer<MakeHeaderValueDefault<TypedHeaderAsMaker<XContentTypeOptions>>>, SetResponseHeaderLayer<Option<HeaderValue>>, SetResponseHeaderLayer<Option<HeaderValue>>)Available on crate features
http and net and haproxy and cli only.Expand description
Build the standard defence-in-depth response-header layer stack.
Sets Content-Security-Policy, X-Content-Type-Options,
Referrer-Policy, and X-Frame-Options — each if-not-present, so
upstream services can override them per-response when needed (e.g.
for a /healthz JSON endpoint that has its own posture).
The returned value is itself a tuple of layers and is composed into the surrounding middleware stack the same way as any other layer.