# Gorilla Missing Security Headers

- ID: go-gorilla-missing-helmet
- Severity: MEDIUM
- CWE: Protection Mechanism Failure (CWE-693)
- Languages: Go
- Frameworks: gorilla

## Description

Gorilla Mux application missing security HTTP headers middleware.

## Remediation

Add security headers via middleware.

```go
r := mux.NewRouter()
r.Use(func(next http.Handler) http.Handler {
    return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
        w.Header().Set("X-Frame-Options", "DENY")
        w.Header().Set("X-Content-Type-Options", "nosniff")
        next.ServeHTTP(w, r)
    })
})
```

Learn more: https://shoulder.dev/learn/go/cwe-693/helmet-headers

## Related Rules

- **Missing Healthcheck Configuration** [LOW]: 
- **Chi Missing Security Headers** [MEDIUM]: 
- **Echo Missing Security Headers** [MEDIUM]: 
- **Fiber Missing Security Headers** [MEDIUM]: 
- **Gin Missing Security Headers** [MEDIUM]: