Skip to content

Latest commit

 

History

History
52 lines (34 loc) · 1.21 KB

readme.md

File metadata and controls

52 lines (34 loc) · 1.21 KB
Raw

Laravel Security Headers

This is a Laravel service provider for adding security header responses to your application.

Installation

The SecurityHeaders Service Provider can be installed via Composer by requiring the pionect/laravel-security-headers package in your project's composer.json.

{
    "require": {
        "pionect/laravel-security-headers": "^2.0"
    }
}

Packages are auto-discovered in Laravel 5.6+. Service Providers and Facades are defined in composer.json.

Config File

Publish the confirguration file using Artisan.

php artisan vendor:publish --provider="Pionect\SecurityHeaders\SecurityHeadersServiceProvider"

Update your settings in the generated config/security.php configuration file.

Configuration

Add the middleware to the 'web' middleware group in App\Http\Kernel.php

protected $middlewareGroups = [
    'web' => [
        //...
    
        \Pionect\SecurityHeaders\Middleware\RespondWithSecurityHeaders::class,

Nonces

Every inline script tag needs to include the @nonce blade directive in the opening tag.

<script @nonce>

Links