AgentsConfigurationSecurityConfig

get_security_headers

View as MarkdownOpen in Claude

Get security headers to add to HTTP responses.

Parameters

is_https
boolDefaults to false

Whether the connection is over HTTPS. When True and use_hsts is enabled, the Strict-Transport-Security header is included.

Returns

dict[str, str] — Dictionary of security headers including X-Content-Type-Options, X-Frame-Options, X-XSS-Protection, Referrer-Policy, and optionally Strict-Transport-Security.

Example

1from signalwire.core.security_config import SecurityConfig
2
3security = SecurityConfig()
4headers = security.get_security_headers(is_https=False)
5https_headers = security.get_security_headers(is_https=True)
6
7print(headers)
8# {'X-Content-Type-Options': 'nosniff', 'X-Frame-Options': 'DENY', ...}
9print(https_headers)
10# Includes 'Strict-Transport-Security' header when HSTS is enabled