Package Data | |
---|---|
Maintainer Username: | paramonovav |
Maintainer Contact: | paramonovav@gmail.com (Anton Paramonov) |
Package Create Date: | 2015-08-07 |
Package Last Update: | 2015-12-24 |
Language: | PHP |
License: | MIT |
Last Refreshed: | 2024-12-17 03:01:29 |
Package Statistics | |
---|---|
Total Downloads: | 67 |
Monthly Downloads: | 0 |
Daily Downloads: | 0 |
Total Stars: | 4 |
Total Watchers: | 1 |
Total Forks: | 1 |
Total Open Issues: | 0 |
Provides support for enforcing Content Security Policy and XSS Protection with headers in Laravel 4 responses.
Note: Based on Content Security Policy, Improving Web Security with the Content Security Policy, HTTP headers.
storage/logs/content-security-policy-report
folder if neededx-xss-protection, x-frame-options, x-content-type-options
Require this package with composer:
composer require paramonovav/laravel4-header-csp
After updating composer, add the ServiceProvider to the providers array in app/config/app.php
'Paramonovav\Laravel4HeaderCsp\Laravel4HeaderCspServiceProvider',
You need to publish the config from this package.
php artisan config:publish paramonovav/laravel4-header-csp
The following will apply all default profiles to the login
route.
Route::get('login', array('after'=>'response.secure'), function()
{
return 'Hello, on login page !';
}));
The following will apply all default profiles and a specific google
profile to the login
route.
Route::get('login', array('after'=>'response.secure:google'), function()
{
return 'Hello, on login page !';
}));
You can include any number of specific profiles. The following will apply default, google, flickr, and my_custom profiles to the login
route.
Route::get('login', array('after'=>'response.secure:google-flickr-my_custom'), function()
{
return 'Hello, on login page !';
}));