Skip to content

therobfonz/laravel-security-headers

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Laravel Security Headers

This is a Laravel service provider for adding security header responses to your application.

Installation

The SecurityHeaders Service Provider can be installed via Composer by requiring the therobfonz/laravel-security-headers package in your project's composer.json.

{
    "require": {
        "therobfonz/laravel-security-headers": "^3.0"
    }
}

Packages are auto-discovered in Laravel 5.6+. Service Providers and Facades are defined in composer.json.

Config File

Publish the confirguration file using Artisan.

php artisan vendor:publish --provider="TheRobFonz\SecurityHeaders\SecurityHeadersServiceProvider"

Update your settings in the generated config/security.php configuration file.

Configuration

Add the middleware to the 'web' middleware group in App\Http\Kernel.php

protected $middlewareGroups = [
    'web' => [
        //...
    
        \TheRobFonz\SecurityHeaders\Middleware\RespondWithSecurityHeaders::class,

Nonces

Every inline script tag needs to include the @nonce blade directive in the opening tag.

<script @nonce>

Links

About

Packages that adds security headers to Laravel responses

Resources

License

Stars

Watchers

Forks

Packages

No packages published