Prepara versao dev 1.0

2025-12-08 21:47:38 -03:00
parent 512287698e
commit 190fde20c3
85 changed files with 7755 additions and 2317 deletions
--- a/backend/internal/api/middleware/security.go
+++ b/backend/internal/api/middleware/security.go
@@ -0,0 +1,17 @@
+package middleware
+
+import (
+	"net/http"
+)
+
+// SecurityHeaders adds security headers to responses
+func SecurityHeaders(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("X-Content-Type-Options", "nosniff")
+		w.Header().Set("X-Frame-Options", "DENY")
+		w.Header().Set("X-XSS-Protection", "1; mode=block")
+		w.Header().Set("Referrer-Policy", "strict-origin-when-cross-origin")
+		
+		next.ServeHTTP(w, r)
+	})
+}