Skip to content

Packages that adds security headers to Laravel responses

License

Notifications You must be signed in to change notification settings

ansovi/laravel-security-headers

This branch is 7 commits behind therobfonz/laravel-security-headers:master.

Folders and files

NameName
Last commit message
Last commit date

Latest commit

author
Sophia Villiger
Nov 13, 2024
829c3ad · Nov 13, 2024

History

20 Commits
Apr 27, 2024
Apr 27, 2024
Nov 13, 2024
Nov 13, 2024
Apr 9, 2023
Oct 11, 2019
Apr 27, 2024
Apr 27, 2024
Apr 27, 2024
Apr 27, 2024

Repository files navigation

Laravel Security Headers

This is a Laravel service provider for adding security header responses to your application.

Installation

The SecurityHeaders Service Provider can be installed via Composer by requiring the therobfonz/laravel-security-headers package in your project's composer.json.

{
    "require": {
        "therobfonz/laravel-security-headers": "^3.0"
    }
}

Packages are auto-discovered in Laravel 5.6+. Service Providers and Facades are defined in composer.json.

Config File

Publish the confirguration file using Artisan.

php artisan vendor:publish --provider="TheRobFonz\SecurityHeaders\SecurityHeadersServiceProvider"

Update your settings in the generated config/security.php configuration file.

Configuration

Add the middleware to the 'web' middleware group in App\Http\Kernel.php

protected $middlewareGroups = [
    'web' => [
        //...
    
        \TheRobFonz\SecurityHeaders\Middleware\RespondWithSecurityHeaders::class,

Nonces

Every inline script tag needs to include the @nonce blade directive in the opening tag.

<script @nonce>

Links

About

Packages that adds security headers to Laravel responses

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • PHP 99.9%
  • Blade 0.1%