securityutils

package

v0.4.0 Latest Latest Go to latest Published: Aug 23, 2025 License: MIT Imports: 11 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/alexzzzs/go-utils

Links

Open Source Insights

Documentation ¶

Overview ¶

Package securityutils provides utility functions for security operations and data sanitization.

Index ¶

func EscapeSQL(input string) string
func GenerateSecureToken(length int) (string, error)
func IsCommonPassword(password string) bool
func MaskCreditCard(cardNumber string) string
func MaskEmail(email string) string
func MaskString(input string, start, end int, maskChar rune) string
func SanitizeFilename(filename string) string
func SanitizeHTML(input string) string
func SanitizeURL(rawURL string) (string, error)
func StripHTMLTags(input string) string
func UnescapeHTML(input string) string
func ValidateCSRFToken(token, expectedToken string) error
func ValidatePassword(password string, minLength int, ...) []string
type CSRFToken
- func GenerateCSRFToken(userID string, expiry time.Duration) (*CSRFToken, error)
- func (c *CSRFToken) IsExpired() bool
- func (c *CSRFToken) Validate(token string) error
type RateLimiter
- func NewRateLimiter(limit int, window time.Duration) *RateLimiter
- func (rl *RateLimiter) Allow(identifier string) bool
- func (rl *RateLimiter) CleanupExpired()
type SecureHeaders
- func DefaultSecureHeaders() SecureHeaders
- func (h *SecureHeaders) ToMap() map[string]string

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func EscapeSQL ¶

func EscapeSQL(input string) string

EscapeSQL escapes SQL input to prevent SQL injection (basic escaping). Note: This is a basic implementation. Use parameterized queries in production.

func GenerateSecureToken ¶

func GenerateSecureToken(length int) (string, error)

GenerateSecureToken generates a cryptographically secure random token.

func IsCommonPassword ¶

func IsCommonPassword(password string) bool

IsCommonPassword checks if a password is in a list of common passwords.

func MaskCreditCard ¶

func MaskCreditCard(cardNumber string) string

MaskCreditCard masks a credit card number while preserving the last 4 digits.

func MaskEmail ¶

func MaskEmail(email string) string

MaskEmail masks an email address while preserving structure.

func MaskString ¶

func MaskString(input string, start, end int, maskChar rune) string

MaskString masks a string by replacing characters with a mask character.

func SanitizeFilename ¶

func SanitizeFilename(filename string) string

SanitizeFilename sanitizes a filename by removing dangerous characters.

func SanitizeHTML ¶

func SanitizeHTML(input string) string

SanitizeHTML sanitizes HTML input by escaping dangerous characters.

func SanitizeURL ¶

func SanitizeURL(rawURL string) (string, error)

SanitizeURL sanitizes a URL by escaping dangerous characters.

func StripHTMLTags ¶

func StripHTMLTags(input string) string

StripHTMLTags removes HTML tags from input string.

func UnescapeHTML ¶

func UnescapeHTML(input string) string

UnescapeHTML unescapes HTML entities.

func ValidateCSRFToken ¶

func ValidateCSRFToken(token, expectedToken string) error

ValidateCSRFToken validates a CSRF token.

func ValidatePassword ¶

func ValidatePassword(password string, minLength int, requireSpecial, requireNumber, requireUpper, requireLower bool) []string

ValidatePassword validates password strength based on common criteria.

Types ¶

type CSRFToken ¶

type CSRFToken struct {
	Token     string
	ExpiresAt time.Time
	UserID    string
}

CSRFToken represents a CSRF token with metadata.

func GenerateCSRFToken ¶

func GenerateCSRFToken(userID string, expiry time.Duration) (*CSRFToken, error)

GenerateCSRFToken generates a cryptographically secure CSRF token.

func (*CSRFToken) IsExpired ¶

func (c *CSRFToken) IsExpired() bool

IsExpired checks if a CSRF token has expired.

func (*CSRFToken) Validate ¶

func (c *CSRFToken) Validate(token string) error

Validate validates the CSRF token against another token.

type RateLimiter ¶

type RateLimiter struct {
	// contains filtered or unexported fields
}

RateLimiter represents a simple rate limiter.

func NewRateLimiter ¶

func NewRateLimiter(limit int, window time.Duration) *RateLimiter

NewRateLimiter creates a new rate limiter.

func (*RateLimiter) Allow ¶

func (rl *RateLimiter) Allow(identifier string) bool

Allow checks if a request from the given identifier is allowed.

func (*RateLimiter) CleanupExpired ¶

func (rl *RateLimiter) CleanupExpired()

CleanupExpired removes expired entries from the rate limiter.

type SecureHeaders ¶

type SecureHeaders struct {
	ContentTypeOptions      string
	FrameOptions            string
	XSSProtection           string
	ReferrerPolicy          string
	ContentSecurityPolicy   string
	StrictTransportSecurity string
}

SecureHeaders represents common security headers.

func DefaultSecureHeaders ¶

func DefaultSecureHeaders() SecureHeaders

DefaultSecureHeaders returns default secure headers.

func (*SecureHeaders) ToMap ¶

func (h *SecureHeaders) ToMap() map[string]string

ToMap converts SecureHeaders to a map for easy HTTP header setting.

Source Files ¶

View all Source files

securityutils.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL