Skip to content

Commit

Permalink
Removing depreciated XSSMode middleware and cleanup test config
Browse files Browse the repository at this point in the history
  • Loading branch information
@JustSteveKing
JustSteveKing committed May 15, 2023
1 parent 8751910 commit cafdfcc
Show file tree
Hide file tree
Showing 6 changed files with 19 additions and 83 deletions.
2 changes: 0 additions & 2 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,8 +70,6 @@ return [

'referrer-policy' => 'no-referrer-when-downgrade',

'xss-mode' => '1; mode=block',

'strict-transport-security' => 'max-age=31536000; includeSubDomains',

'certificate-transparency' => 'enforce, max-age=30',
Expand Down
2 changes: 0 additions & 2 deletions config/headers.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,6 @@

'referrer-policy' => 'no-referrer-when-downgrade',

'xss-mode' => '1; mode=block',

'strict-transport-security' => 'max-age=31536000; includeSubDomains',

'certificate-transparency' => 'enforce, max-age=30',
Expand Down
27 changes: 0 additions & 27 deletions src/Http/Middleware/XSSMode.php
View file

This file was deleted.

2 changes: 1 addition & 1 deletion src/Providers/PackageServiceProvider.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ final class PackageServiceProvider extends ServiceProvider
public function boot(): void
{
$this->publishes([
__DIR__ . '/../../config/headers.php' => config_path('headers.php'),
__DIR__.'/../../config/headers.php' => config_path('headers.php'),
], 'security-headers');
}
}
22 changes: 0 additions & 22 deletions tests/Http/Middleware/XSSModeTest.php
View file

This file was deleted.

47 changes: 18 additions & 29 deletions tests/PackageTestCase.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,36 +24,25 @@ protected function getPackageProviders($app): array

protected function defineEnvironment($app): void
{
tap($app->make('config'), function (Repository $config): void {
$config->set('headers.remove', [
'X-Powered-By',
'Server',
]);
tap($app->make('config'), static function (Repository $config): void {
$config->set('headers', [
'remove' => [
'X-Powered-By',
'x-powered-by',
'Server',
'server',
],

'referrer-policy' => 'no-referrer-when-downgrade',

'strict-transport-security' => 'max-age=31536000; includeSubDomains',

$config->set(
'headers.referrer-policy',
'no-referrer-when-downgrade',
);
$config->set(
'headers.xss-mode',
'1; mode=block',
);
$config->set(
'headers.strict-transport-security',
'max-age=31536000; includeSubDomains',
);
$config->set(
'headers.certificate-transparency',
'enforce, max-age=30',
);
$config->set(
'headers.permissions-policy',
'autoplay=(self), camera=(), encrypted-media=(self), fullscreen=(), geolocation=(self), gyroscope=(self), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(self), usb=()'
);
$config->set(
'headers.content-type-options',
'nosniff',
);
'certificate-transparency' => 'enforce, max-age=30',

'permissions-policy' => 'autoplay=(self), camera=(), encrypted-media=(self), fullscreen=(), geolocation=(self), gyroscope=(self), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(self), usb=()',

'content-type-options' => 'nosniff',
]);
});
}
}

0 comments on commit cafdfcc

Please sign in to comment.