Skip to content

therobfonz/laravel-security-headers

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
.github/workflows
.github/workflows
 
 
config
config
 
 
src
src
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
composer.json
composer.json
 
 
phpunit.xml
phpunit.xml
 
 
pint.json
pint.json
 
 
readme.md
readme.md
 
 

Repository files navigation

Laravel Security Headers

This is a Laravel service provider for adding security header responses to your application.

Installation

The SecurityHeaders Service Provider can be installed via Composer by requiring the therobfonz/laravel-security-headers package in your project's composer.json.

{
    "require": {
        "therobfonz/laravel-security-headers": "^3.0"
    }
}

Packages are auto-discovered in Laravel 5.6+. Service Providers and Facades are defined in composer.json.

Config File

Publish the confirguration file using Artisan.

php artisan vendor:publish --provider="TheRobFonz\SecurityHeaders\SecurityHeadersServiceProvider"

Update your settings in the generated config/security.php configuration file.

Configuration

Add the middleware to the 'web' middleware group in App\Http\Kernel.php

protected $middlewareGroups = [
    'web' => [
        //...
    
        \TheRobFonz\SecurityHeaders\Middleware\RespondWithSecurityHeaders::class,

Nonces

Every inline script tag needs to include the @nonce blade directive in the opening tag.

<script @nonce>

Links

About

Packages that adds security headers to Laravel responses

Resources

Readme

License

MIT license
Activity

Stars

51 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases 4

3.0 Latest
Apr 27, 2024
+ 3 releases

Packages

No packages published

Languages