PHP code example of bnomei / kirby3-security-headers
1. Go to this page and download the library: Download bnomei/kirby3-security-headers library . Choose the download type require .
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
bnomei / kirby3-security-headers example snippets
return [
'bnomei.securityheaders.setter' => function ($instance) {
// https://github.com/paragonie/csp-builder
// #build-a-content-security-policy-programmatically
/** @var ParagonIE\CSPBuilder\CSPBuilder $csp */
$csp = $instance->csp();
// allowing all inline scripts and styles is
// not recommended, try using nonces instead
// $csp->setAllowUnsafeEval('script-src', true);
// $csp->setAllowUnsafeInline('script-src', true);
// $csp->setAllowUnsafeInline('style-src', true);
// youtube
$csp->addSource('frame', 'https://www.youtube.com');
$csp->addSource('frame', 'https://youtube.com');
$csp->addSource('image', 'https://ggpht.com');
$csp->addSource('image', 'https://youtube.com');
$csp->addSource('image', 'https://ytimg.com');
$csp->addSource('script', 'https://google.com');
$csp->addSource('script', 'https://youtube.com');
// vimeo
$csp->addSource('frame', 'player.vimeo.com');
$csp->addSource('image', 'i.vimeocdn.com');
$csp->addSource('script', 'f.vimeocdn.com');
$csp->addSource('source', 'player.vimeo.com');
$csp->addSource('style', 'f.vimeocdn.com');
},
// other options...
];
<script nonce="<?= site()->nonce()