mikica / clickjacking-middleware
Provides clickjacking protection via the X-Frame-Options header.
Installs: 1 161
Dependents: 0
Suggesters: 0
Security: 0
Stars: 7
Watchers: 2
Forks: 1
Open Issues: 0
Requires
- php: >=5.3
- psr/http-message: ^1.0
Requires (Dev)
- phpunit/phpunit: ^5.0
- zendframework/zend-diactoros: ^1.1
README
PSR-7 Middleware that provides clickjacking protection via the X-Frame-Options header.
Middleware that sets the X-Frame-Options HTTP header in HTTP responses. Does not set the header if it's already set. By default, sets the X-Frame-Options header to 'SAMEORIGIN', meaning the response can only be loaded on a frame within the same site.
Note: older browsers will quietly ignore this header, thus other clickjacking protection techniques should be used if protection in those browsers is required.
Installation
composer require mikica/clickjacking-middleware
Usage
In Slim 3:
//new Clickjacking\Middleware\XFrameOptions("DENY") $app->add(new Clickjacking\Middleware\XFrameOptions()); $app->get('/', function ($request, $response, $args) { return $response; });