SecureHeaders
in package
implements
FilterInterface
Add Common Security Headers
Tags
Table of Contents
Interfaces
- FilterInterface
- Filter interface
Properties
- $headers : array<string, string>
Methods
Properties
$headers
protected
array<string, string>
$headers
= [
// https://owasp.org/www-project-secure-headers/#x-frame-options
'X-Frame-Options' => 'SAMEORIGIN',
// https://owasp.org/www-project-secure-headers/#x-content-type-options
'X-Content-Type-Options' => 'nosniff',
// https://docs.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/jj542450(v=vs.85)#the-noopen-directive
'X-Download-Options' => 'noopen',
// https://owasp.org/www-project-secure-headers/#x-permitted-cross-domain-policies
'X-Permitted-Cross-Domain-Policies' => 'none',
// https://owasp.org/www-project-secure-headers/#referrer-policy
'Referrer-Policy' => 'same-origin',
]
Methods
after()
Add security headers.
public
after(RequestInterface $request, ResponseInterface $response[, array<int, string>|null $arguments = null ]) : void
Parameters
- $request : RequestInterface
- $response : ResponseInterface
- $arguments : array<int, string>|null = null
before()
We don't have anything to do here.
public
before(RequestInterface $request[, array<int, string>|null $arguments = null ]) : void
Parameters
- $request : RequestInterface
- $arguments : array<int, string>|null = null