Mojolicious-Plugin-SecurityHeader

Mojolicious Plugin


License
Artistic-2.0

Documentation

Build Status Kwalitee status GitHub issues

NAME

Mojolicious::Plugin::SecurityHeader - Mojolicious Plugin

VERSION

version 0.07

SYNOPSIS

# Mojolicious
$self->plugin('SecurityHeader');

# define which security headers should be used
$self->plugin('SecurityHeader' => [
    'Strict-Transport-Security' => -1,
    'X-Xss-Protection',
    'X-Content-Type-Options' => 'nosniff',
]);

# Mojolicious::Lite
plugin 'SecurityHeader';

DESCRIPTION

Mojolicious::Plugin::SecurityHeader is a Mojolicious plugin.

SECURITY HEADER

  • Strict-Transport-Security
  • Public-Key-Pins
  • Referrer-Policy
  • X-Content-Type-Options
  • X-Frame-Options
  • X-Xss-Protection
  • Access-Control-Allow-Origin
  • Access-Control-Expose-Headers
  • Access-Control-Max-Age
  • Access-Control-Allow-Credentials
  • Access-Control-Allow-Methods
  • Access-Control-Allow-Headers

METHODS

Mojolicious::Plugin::SecurityHeader inherits all methods from Mojolicious::Plugin and implements the following new ones.

register

$plugin->register(Mojolicious->new);

Register plugin in Mojolicious application.

CORS SUPPORT

Since version 0.06 this plugin also supports CORS. There's already Mojolicious::Plugin::CORS, but unlike that module, with the SecurityHeader plugin all CORS related headers are configurable.

SEE ALSO

Mojolicious, Mojolicious::Guides, http://mojolicious.org. Mojolicious::Plugin::CORS

Development

The distribution is contained in a Git repository, so simply clone the repository

$ git clone http://github.com/reneeb/Mojolicious-Plugin-SecurityHeader.git

and change into the newly-created directory.

$ cd Mojolicious-Plugin-SecurityHeader

The project uses Dist::Zilla to build the distribution, hence this will need to be installed before continuing:

$ cpanm Dist::Zilla

To install the required prequisite packages, run the following set of commands:

$ dzil authordeps --missing | cpanm
$ dzil listdeps --author --missing | cpanm

The distribution can be tested like so:

$ dzil test

To run the full set of tests (including author and release-process tests), add the --author and --release options:

$ dzil test --author --release

AUTHOR

Renee Baecker reneeb@cpan.org

COPYRIGHT AND LICENSE

This software is Copyright (c) 2018 by Renee Baecker.

This is free software, licensed under:

The Artistic License 2.0 (GPL Compatible)