Golang Gin Middleware


原文链接: Golang Gin Middleware

dvwright/xss-mw: XssMw is an middleware designed to "auto remove XSS" from user submitted input, it’s written in Go and targets the Gin web framework.

gin-gonic/autotls: Support Let's Encrypt for a Go server application.

sipt/faygo-security: gin security middleware
用于验证接口请求完整性,对请求的所有KV(除媒体文件)以及时间戳timestamp和随机字符串nonce,进行大小写排序,用&、=相连,最后连接上key=secret,进行MD5。服务端对此进行验证。
对请求中的timestamp和nonce进行验证,timestamp和nonce唯一标识一个请求,当出现请求重复时,认为是请求重放攻击,可以自行处理,如:下次发起请求时必须带有验证码。当timestamp超出了预设时间,如60s,就返回错误信息并且带上服务器当前时间(RFC 3339),再次请求,超过指定次数就要求携带验证码

Depado/ginprom: Gin Prometheus metrics exporter inspired by https://github.com/zsais/go-gin-prometheus

abrander/ginproxy: A very simple proxy handler for gin-gonic

`