Security
Two layers of protection: built-in prevention in stratum-core, and hardened features in stratum-security.
Built-in (stratum-core)
These protections are always active — no feature flag needed:
- XSS prevention —
RenderOutput::with_classvalidates viais_safe_class_name,with_stylevalidates viais_safe_css_value - HTML escaping —
escape_htmlandescape_attr(escapes & < > " ' ` / =) - ID sanitization —
sanitize_idstrips injection characters - ARIA level clamping — heading levels clamped to 1-6
Hardened (stratum-security)
Optional crate for production deployments:
| Feature | Type | Description |
|---|---|---|
| CSP nonces | CspNonce | CSPRNG-generated nonces for Content-Security-Policy compliant style injection |
| CSRF tokens | CsrfToken | CSPRNG tokens with constant-time validation (no length leakage) |
| SRI hashes | SriHash | SHA-256 subresource integrity for external resources |
| Security headers | SecurityHeaders | CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy |
| Input sanitization | Sanitizer | Tag stripping (handles quoted attrs), control char removal, length limits |
Enable stratum-security
Cargo.toml
[dependencies]
stratum = { version = "0.1", features = ["security"] }