sen0rxol0/security-headers

This package is abandoned and no longer maintained. No replacement package was suggested.

Improved security in your application, serves as a middleware to inject HTTP response headers.

Maintainers

Details

github.com/sen0rxol0/security-headers

Homepage

Source

Installs: 5

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Type:project

v1.1.0 2018-03-16 14:51 UTC

Requires

Requires (Dev)

MIT 6815d3356ae06d5d3a1e51ff442183691c0b30dc

packagesecurityheaderslaravel

This package is not auto-updated.

Last update: 2022-01-08 15:12:51 UTC

README

Packagist PHP from Packagist

This package aims to improve HTTP response headers security, built for integration with Laravel.

It wont be a extend guide on headers security, for more info check out resources or start by testing your application headers on securityheaders.io and come back when you probably 😱

Integration

Install the package with composer

  composer require sen0rxol0\security-headers

Publish the configuration file

  php artisan vendor:publish --tag="config"

Now that the config file may be published at config\headers.php

Add SecurityHeadersMiddleware to your application global middleware in app\Http\Kernel.php

  protected $middleware = [
    //..
    \Sen0rxol0\SecurityHeaders\SecurityHeadersMiddleware::class,
  ];

Next you can start tweaking the config file in config\headers.php, although i recommend reading more about security headers, the base config is good to go.

Usage information

When using Content-Security-Policy with nonce or if add-nonce is set to true you will need to make use of a helper function in your templates script tags

  <script nonce="{{ nonce('script-src') }}" src="{{ mix('/js/app.js') }}"></script>

Resources

Credits

License

The MIT License (MIT). Please see License File for more information.