Laravel Security Headers

This is a Laravel service provider for adding security header responses to your application.

Installation

The SecurityHeaders Service Provider can be installed via Composer by requiring the therobfonz/laravel-security-headers package in your project's composer.json.

{
    "require": {
        "therobfonz/laravel-security-headers": "^1.0"
    }
}

Packages are auto-discovered in Laravel 5.6. Service Providers and Facades are defined in composer.json.

Config File

Publish the confirguration file using Artisan.

php artisan vendor:publish --provider="TheRobFonz\SecurityHeaders\SecurityHeadersServiceProvider"

Update your settings in the generated config/security.php configuration file.

Configuration

Add the middleware to the 'web' middleware group in App\Http\Kernel.php

protected $middlewareGroups = [
    'web' => [
        //...
    
        \TheRobFonz\SecurityHeaders\Middleware\RespondWithSecurityHeaders::class,

Nonces

Every inline script tag needs to include the @nonce blade directive in the opening tag.

<script @nonce>

therobfonz/laravel-security-headers
Release v1.0.10

Release v1.0.10

v1.0.0

v1.0.1

v1.0.10

v1.0.2

v1.0.4

v1.0.5

v1.0.6

v1.0.7

v1.0.8

v1.0.9

Documentation

Laravel Security Headers

Installation

Config File

Configuration

Nonces

Links

Stats

Development practices

Releases

Contributors

therobfonz/laravel-security-headers Release v1.0.10

Release v1.0.10 Toggle Dropdown v1.0.0 v1.0.1 v1.0.10 v1.0.2 v1.0.4 v1.0.5 v1.0.6 v1.0.7 v1.0.8 v1.0.9

Documentation

Laravel Security Headers

Installation

Config File

Configuration

Nonces

Links

Stats

Development practices

Releases

Contributors

therobfonz/laravel-security-headers
Release v1.0.10

Release v1.0.10

v1.0.0

v1.0.1

v1.0.10

v1.0.2

v1.0.4

v1.0.5

v1.0.6

v1.0.7

v1.0.8

v1.0.9