You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
docs(my-canister-frontend): clean up crate for standalone publish
- Remove unused `candid` dependency
- Update Cargo.toml description to match README
- Fix README Usage example to handle Result with .expect()
- Extend Configuration section with header customisation docs
- Remove Usage with my_canister_dashboard section
- Remove dashboard/user-owned-dapp references from doc comments
- Fix js_file_config test to reflect compressible behaviour (2 encodings)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
-**Configurable**: Use `FrontendConfig` to allow additional file typesor adjust size limits
43
+
-**Configurable**: Use `FrontendConfig` to allow additional file types, suppress default headers, or add custom headers
44
44
- Exposes `with_asset_router` and `with_asset_router_mut` for access to the asset router, see example below.
45
45
- Exposes `asset_router_configs` if you want to implement your own asset router, see [this example](https://github.com/Web3NL/my-canister-dapp/blob/e8fdc0ac81f7bdc702418c05130ace3f9f5399fb/examples/my-hello-world/src/backend/src/lib.rs).
46
46
47
47
## Configuration
48
48
49
-
To allow additional file types or customize settings:
49
+
`FrontendConfig` controls which file types are accepted and what HTTP headers are sent with every response. All fields have sensible defaults — only set what you need, and use `..Default::default()` to fill in the rest.
50
+
51
+
### Allow additional file types
50
52
51
53
```rust,ignore
52
54
use ic_cdk::init;
@@ -65,37 +67,61 @@ fn init() {
65
67
}
66
68
```
67
69
68
-
## Usage with [`my_canister_dashboard`](https://crates.io/crates/my-canister-dashboard)
70
+
### Default security headers
71
+
72
+
Every response includes these headers out of the box:
`Strict-Transport-Security` is intentionally omitted — ICP gateways enforce HTTPS at the infrastructure level, making it redundant on `.icp0.io`/`.ic0.app` domains. `X-XSS-Protection` is also omitted as it is a legacy header for old IE/Chrome versions. Both can be added via `extra_headers` if needed.
84
+
85
+
### Suppress a default header
86
+
87
+
Use `excluded_headers` with a `StandardHeader` variant to remove a specific default:
69
88
70
89
```rust,ignore
71
-
use ic_cdk::{init, query};
72
-
use ic_http_certification::{HttpRequest, HttpResponse};
73
-
use include_dir::{include_dir, Dir};
74
-
use my_canister_dashboard::setup_dashboard_assets;
75
-
use my_canister_frontend::setup_frontend;
76
-
use my_canister_frontend::asset_router::with_asset_router_mut;
90
+
use my_canister_frontend::{setup_frontend_with_config, FrontendConfig, StandardHeader};
77
91
78
-
static ASSETS: Dir = include_dir!("$CARGO_MANIFEST_DIR/../dapp-frontend/dist");
Use `extra_headers` to append headers to every response. If the name matches a default header (case-insensitive), the default is replaced rather than duplicated:
101
+
102
+
```rust,ignore
103
+
use my_canister_frontend::{setup_frontend_with_config, FrontendConfig};
0 commit comments