| Package Data | |
|---|---|
| Maintainer Username: | paramonovav |
| Maintainer Contact: | paramonovav@gmail.com (Anton Paramonov) |
| Package Create Date: | 2015-08-07 |
| Package Last Update: | 2015-12-24 |
| Language: | PHP |
| License: | MIT |
| Last Refreshed: | 2025-10-28 03:01:10 |
| Package Statistics | |
|---|---|
| Total Downloads: | 72 |
| Monthly Downloads: | 0 |
| Daily Downloads: | 0 |
| Total Stars: | 4 |
| Total Watchers: | 1 |
| Total Forks: | 1 |
| Total Open Issues: | 0 |
Provides support for enforcing Content Security Policy and XSS Protection with headers in Laravel 4 responses.
Note: Based on Content Security Policy, Improving Web Security with the Content Security Policy, HTTP headers.
storage/logs/content-security-policy-report folder if neededx-xss-protection, x-frame-options, x-content-type-options
Require this package with composer:
composer require paramonovav/laravel4-header-csp
After updating composer, add the ServiceProvider to the providers array in app/config/app.php
'Paramonovav\Laravel4HeaderCsp\Laravel4HeaderCspServiceProvider',
You need to publish the config from this package.
php artisan config:publish paramonovav/laravel4-header-csp
The following will apply all default profiles to the login route.
Route::get('login', array('after'=>'response.secure'), function()
{
return 'Hello, on login page !';
}));
The following will apply all default profiles and a specific google profile to the login route.
Route::get('login', array('after'=>'response.secure:google'), function()
{
return 'Hello, on login page !';
}));
You can include any number of specific profiles. The following will apply default, google, flickr, and my_custom profiles to the login route.
Route::get('login', array('after'=>'response.secure:google-flickr-my_custom'), function()
{
return 'Hello, on login page !';
}));