package middleware import ( "strings" "github.com/gofiber/fiber/v2" ) // SecurityHeadersMiddleware adds security headers to all responses func SecurityHeadersMiddleware() fiber.Handler { return func(c *fiber.Ctx) error { // Prevent MIME type sniffing c.Set("X-Content-Type-Options", "nosniff") // Prevent clickjacking attacks c.Set("X-Frame-Options", "DENY") // Content Security Policy // Next.js static export injects inline