GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → mikefrancis → laravel-secureheaders

mikefrancis / laravel-secureheaders

Licence: other
🔒 SecureHeaders wrapper for Laravel.

Programming Languages

PHP
23972 projects - #3 most used programming language

Labels

apilaravellaravel-packageheaderssecurity-hardening

Projects that are alternatives of or similar to laravel-secureheaders

laravel-packages
Useful packages for Laravel projects
Stars: ✭ 22 (-57.69%)
Mutual labels:  laravel-package
Laravel-Youtube-API
A way to add an API to your Laravel app that converts youtube video's to mp3/mp4 and returns a download/stream link and information.
Stars: ✭ 19 (-63.46%)
Mutual labels:  laravel-package
laravel-geocode
Laravel Package to find Lat and Long of a given Address
Stars: ✭ 15 (-71.15%)
Mutual labels:  laravel-package
laravel-migrate-check
An artisan command to check for pending migrations with proper exit code
Stars: ✭ 53 (+1.92%)
Mutual labels:  laravel-package
laravel-api-tool-kit
Laravel api tool kit is a set of tools that will help you to build a fast and well-organized API using laravel best practices.
Stars: ✭ 107 (+105.77%)
Mutual labels:  laravel-package
laravel-two-factor-authentication
A two-factor authentication package for Laravel >= 8
Stars: ✭ 37 (-28.85%)
Mutual labels:  laravel-package
ipsourcebypass
This Python script can be used to bypass IP source restrictions using HTTP headers.
Stars: ✭ 326 (+526.92%)
Mutual labels:  headers
crypton
Laravel Request & Response Encryption
Stars: ✭ 31 (-40.38%)
Mutual labels:  laravel-package
unobserve
Mute and unmute Laravel observers at will.
Stars: ✭ 82 (+57.69%)
Mutual labels:  laravel-package
laravel-cache
An improved helper for working with cache
Stars: ✭ 64 (+23.08%)
Mutual labels:  laravel-package
trader
Laravel package for trader extension interface.
Stars: ✭ 43 (-17.31%)
Mutual labels:  laravel-package
laravel-jwt
A seamless JWT implementation for Laravel
Stars: ✭ 71 (+36.54%)
Mutual labels:  laravel-package
flash
An easy way for Laravel flash notifications.
Stars: ✭ 14 (-73.08%)
Mutual labels:  laravel-package
LaravelPostcodes
A service wrapper around postcodes.io
Stars: ✭ 73 (+40.38%)
Mutual labels:  laravel-package
laravel-repositories
DEPRECATED – A neat repository Pattern implementation for Laravel.
Stars: ✭ 18 (-65.38%)
Mutual labels:  laravel-package
html-contextual-autoescaper-java
Prevents XSS by figuring out how to escape untrusted values in templates
Stars: ✭ 15 (-71.15%)
Mutual labels:  security-hardening
jwt-auth
🔐 JSON Web Token Authentication for Laravel & Lumen
Stars: ✭ 525 (+909.62%)
Mutual labels:  laravel-package
laravel-spotify
Laravel-Spotify is a simple wrapper around the Spotify Web API that makes working with its endpoints a breeze!
Stars: ✭ 141 (+171.15%)
Mutual labels:  laravel-package
laravel-startkit
Laravel Admin Dashboard, Admin Template with Frontend Template, for scalable Laravel projects. It is to save your time when You start with new scalable Laravel projects with many features Bootstrap, cooreui, infyom admin Generator, roles and permissions, translatable models, spatie media and much more
Stars: ✭ 55 (+5.77%)
Mutual labels:  laravel-package
relations-widgets-for-backpack
Views/widgets for preview laravel relations in laravel backpack
Stars: ✭ 21 (-59.62%)
Mutual labels:  laravel-package
View All Similar Projects ➔

Laravel SecureHeaders

Packagist Build Status codecov

SecureHeaders wrapper for Laravel.

Based on aidantwoods/SecureHeaders.

Installation

Require the mikefrancis/laravel-secureheaders package in your composer.json and update your dependencies:

composer require mikefrancis/laravel-secureheaders

If you are using Laravel 5.5+, package discovery is enabled. For Laravel 5.4, add the service provider to your config/app.php providers array:

MikeFrancis\LaravelSecureHeaders\ServiceProvider::class,

Usage

To add more secure headers to your entire application, add the ApplySecureHeaders middleware in the $middleware property of app/Http/Kernel.php class:

protected $middleware = [
    // ...
    \MikeFrancis\LaravelSecureHeaders\ApplySecureHeaders::class,
];

Configuration

Some sensible defaults have been set in config/secure-headers.php but if you'd like to change these, copy the file to your own application's config using the following command:

php artisan vendor:publish --provider="MikeFrancis\LaravelSecureHeaders\ServiceProvider"

A typical configuration might look like this:

<?php

return [
    // Safe Mode
    'safeMode' => false,

    // HSTS Strict-Transport-Security
    'hsts' => [
        'enabled' => true,
    ],

    // Content Security Policy
    'csp' => [
        'default' => [
            'self',
        ],
        'img-src' => [
            '*', // Allow images from anywhere
        ],
        'style-src' => [
            'self',
            'unsafe-inline', // Allow inline styles
            'https://fonts.googleapis.com', // Allow stylesheets from Google Fonts
        ],
        'font-src' => [
            'self',
            'https://fonts.gstatic.com', // Allow fonts from the Google Fonts CDN
        ],
    ],
];

For a full reference of Content Security Policy directives and their values, see content-security-policy.com.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].