From bab0228e1d5324cd6adff77d8c60495a662f4873 Mon Sep 17 00:00:00 2001
From: xfy
Date: Fri, 10 Apr 2026 13:22:35 +0800
Subject: [PATCH] =?UTF-8?q?refactor(security):=20=E5=B0=86=E5=AE=89?= =?UTF-8?q?=E5=85=A8=E5=A4=B4=E8=BE=85=E5=8A=A9=E5=87=BD=E6=95=B0=E6=94=B9?= =?UTF-8?q?=E4=B8=BA=E7=A7=81=E6=9C=89?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-Authored-By: Claude Opus 4.6
---
 internal/middleware/security/headers.go | 12 ++++++------
 internal/middleware/security/headers_test.go | 6 +++---
 2 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/internal/middleware/security/headers.go b/internal/middleware/security/headers.go
index 679d81c..d2ff02f 100644
--- a/internal/middleware/security/headers.go
+++ b/internal/middleware/security/headers.go
@@ -288,11 +288,11 @@ func (sh *HeadersMiddleware) GetConfig() *config.SecurityHeaders {
 return sh.config
 }
 
-// DefaultSecurityHeaders 返回安全的安全头默认配置。
+// defaultSecurityHeaders 返回安全的安全头默认配置。
 //
 // 返回值:
 // - *config.SecurityHeaders: 包含安全默认值的配置对象
-func DefaultSecurityHeaders() *config.SecurityHeaders {
+func defaultSecurityHeaders() *config.SecurityHeaders {
 return &config.SecurityHeaders{
 XFrameOptions: "DENY",
 XContentTypeOptions: "nosniff",
@@ -300,13 +300,13 @@ func DefaultSecurityHeaders() *config.SecurityHeaders {
 }
 }
 
-// StrictSecurityHeaders 返回严格模式的安全头配置。
+// strictSecurityHeaders 返回严格模式的安全头配置。
 //
 // 适用于高安全要求的应用场景,包含严格的 CSP 和权限策略。
 //
 // 返回值:
 // - *config.SecurityHeaders: 包含严格安全值的配置对象
-func StrictSecurityHeaders() *config.SecurityHeaders {
+func strictSecurityHeaders() *config.SecurityHeaders {
 return &config.SecurityHeaders{
 XFrameOptions: "DENY",
 XContentTypeOptions: "nosniff",
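Review bot: `defaultSecurityHeaders` may now be reachable only from tests: the diffstat touches headers.go and headers_test.go alone, and the only call sites the patch updates are the test ones; the same applies to `strictSecurityHeaders` here and to `developmentSecurityHeaders` in the next hunk. If no non-test code in the package calls them, the DENY/nosniff baseline shown in this hunk is not applied anywhere and the helpers are dead code kept alive by their tests. Either wire the default in where the middleware handles a missing config, e.g. `if cfg == nil { cfg = defaultSecurityHeaders() }`, or delete the helpers together with their tests. This is inferred from the visible lines only; the function bodies and the middleware constructor lie outside the hunks.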
@@ -316,13 +316,13 @@ func StrictSecurityHeaders() *config.SecurityHeaders {
 }
 }
 
-// DevelopmentSecurityHeaders 返回开发环境使用的宽松安全头配置。
+// developmentSecurityHeaders 返回开发环境使用的宽松安全头配置。
 //
 // 警告:请勿在生产环境使用此配置,安全性较低。
 //
 // 返回值:
 // - *config.SecurityHeaders: 包含宽松安全值的配置对象
-func DevelopmentSecurityHeaders() *config.SecurityHeaders {
+func developmentSecurityHeaders() *config.SecurityHeaders {
 return &config.SecurityHeaders{
 XFrameOptions: "SAMEORIGIN",
 XContentTypeOptions: "nosniff",
diff --git a/internal/middleware/security/headers_test.go b/internal/middleware/security/headers_test.go
index 75a67bb..683f6dd 100644
--- a/internal/middleware/security/headers_test.go
+++ b/internal/middleware/security/headers_test.go
@@ -182,7 +182,7 @@ func TestUpdateConfig(t *testing.T) {
 }
 
 func TestDefaultSecurityHeaders(t *testing.T) {
- cfg := DefaultSecurityHeaders()
+ cfg := defaultSecurityHeaders()
 
 if cfg.XFrameOptions != "DENY" {
 t.Errorf("Expected default X-Frame-Options 'DENY', got %s", cfg.XFrameOptions)
@@ -193,7 +193,7 @@ func TestDefaultSecurityHeaders(t *testing.T) {
 }
 
 func TestStrictSecurityHeaders(t *testing.T) {
- cfg := StrictSecurityHeaders()
+ cfg := strictSecurityHeaders()
 
 if cfg.XFrameOptions != "DENY" {
 t.Errorf("Expected X-Frame-Options 'DENY', got %s", cfg.XFrameOptions)
@@ -207,7 +207,7 @@ func TestStrictSecurityHeaders(t *testing.T) {
 }
 
 func TestDevelopmentSecurityHeaders(t *testing.T) {
- cfg := DevelopmentSecurityHeaders()
+ cfg := developmentSecurityHeaders()
 
 if cfg.XFrameOptions != "SAMEORIGIN" {
 t.Errorf("Expected X-Frame-Options 'SAMEORIGIN' for dev, got %s", cfg.XFrameOptions)
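Review bot: The only guard against using the relaxed preset in production is the doc comment on `developmentSecurityHeaders` ("请勿在生产环境使用此配置"), and once the function is unexported that warning disappears from the package's rendered documentation. Whatever exported option or config value ends up selecting this SAMEORIGIN preset should carry the warning itself, for example `// WARNING: relaxed security headers for local development only; never enable in production.` on that selector. The function body continues past the hunk, so the rest of the relaxed values are not visible here.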