I'd appreciate feedback on a Go library I'm planning that might be of interest to people who write Go web frontends,
https://tinyurl.com/sec-header-sets is the design doc. """ A proposed library that provides safe defaults (with opt-out) for security-relevant HTTP response headers. Background A variety of headers have been added over the years to address common security problems. Many of these headers were specified as opt-in to avoid breaking the web. Type net/http/ResponseWriter provides a Header multimap, and a WriteHeaders() method that commits the header map to the underlying channel. Goal When writing new web applications, web application authors should have a way to opt-out of secure defaults based on application requirements instead of having to opt-in. ... """ -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
