Download the PHP package easyshield/php-secure-headers without Composer

On this page you can find all versions of the php package easyshield/php-secure-headers. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of easyshield/php-secure-headers

Informations about the package php-secure-headers

PHP Secure Headers

Latest Version on Packagist Tests Total Downloads

فارسی

A powerful PHP library for managing security headers in web applications. This library helps you implement best security practices by easily configuring various security headers including Content Security Policy (CSP), HTTP Strict Transport Security (HSTS), and more. ## Features - 🛡️ Easy configuration of security headers - 🔒 Support for Content Security Policy (CSP) - 🔐 HTTP Strict Transport Security (HSTS) - 🚫 X-Frame-Options protection - 🔍 X-Content-Type-Options - 🛑 X-XSS-Protection - 📝 Referrer Policy - 🎯 Permissions Policy - 📱 Client Hints Policy - ⚙️ Two security levels: Basic and Strict - 🔄 Automatic nonce generation for CSP - ⚡ Framework integrations (Laravel & Symfony) ## Installation You can install the package via composer: ## Quick Usage ### Method 1: Plain PHP Just 5 lines of code to enable all security headers: ### Method 2: Laravel Integration In Laravel, just add the middleware: Then register it in `bootstrap/app.php`: ### Method 3: Symfony Integration ## Custom Configuration Enable only specific headers: ### Custom CSP #### Method 1: Using Array Configuration #### Method 2: Using CSP Builder (Fluent API) #### Advanced CSP Features **Auto-detecting external resources from HTML:** **Auto-injecting nonces into HTML:** **Using hashes for inline scripts instead of nonces:** ### Custom HSTS ### Custom Permissions Policy ## Framework Integration ### Laravel For detailed Laravel instructions, see [examples/Laravel/README.md](examples/Laravel/README.md). > **Note**: When using the Laravel integration, please include the following attribution in your project's README: > > Laravel integration based on [PHP Secure Headers](https://github.com/shadighorbani7171/php-secure-headers) by [Shadi Ghorbani](https://github.com/shadighorbani7171). ### Symfony 7/8 For detailed Symfony instructions, see [examples/Symfony/README.md](examples/Symfony/README.md). > **Note**: When using the Symfony integration, please include the following attribution in your project's README: > > Symfony integration based on [PHP Secure Headers](https://github.com/shadighorbani7171/php-secure-headers) by [Shadi Ghorbani](https://github.com/shadighorbani7171). ## Advanced Usage ### Client Hints Policy ### Critical Client Hints ## Security Levels The library supports two security levels: ### Basic Level * Allows 'unsafe-inline' for styles * Less restrictive CSP * Basic permissions policy ### Strict Level (Default) * No 'unsafe-inline' * Strict CSP with nonce * Comprehensive permissions policy * Enforces upgrade-insecure-requests ## More Examples For more examples, please refer to the [comprehensive guide](GUIDE.md). ## Testing ## Code Quality ## Feedback and Contributions Your feedback is highly appreciated! If you have any suggestions, ideas, or comments, please: * Open an issue on GitHub * Share how you're using the library * Suggest improvements or new features See [CONTRIBUTING.md](CONTRIBUTING.md) for more information on how to contribute. ## Security If you discover any security related issues, please email [email protected] instead of using the issue tracker. ## Credits * [Shadi Ghorbani](https://github.com/shadighorbani7171) * [All Contributors](../../contributors) ## License The MIT License (MIT). Please see [License File](LICENSE.md) for more information.
# هدرهای امنیتی PHP یک کتابخانه قدرتمند PHP برای مدیریت هدرهای امنیتی در برنامه‌های وب. این کتابخانه با پیکربندی آسان انواع هدرهای امنیتی از جمله Content Security Policy (CSP)، HTTP Strict Transport Security (HSTS) و موارد دیگر، به شما کمک می‌کند بهترین روش‌های امنیتی را پیاده‌سازی کنید. ## ویژگی‌ها - 🛡️ پیکربندی آسان هدرهای امنیتی - 🔒 پشتیبانی از سیاست امنیتی محتوا (CSP) - 🔐 امنیت انتقال سختگیرانه HTTP (HSTS) - 🚫 محافظت X-Frame-Options - 🔍 X-Content-Type-Options - 🛑 X-XSS-Protection - 📝 سیاست ارجاع (Referrer Policy) - 🎯 سیاست مجوزها (Permissions Policy) - 📱 سیاست اطلاعات مشتری (Client Hints Policy) - ⚙️ دو سطح امنیتی: پایه و سختگیرانه - 🔄 تولید خودکار nonce برای CSP - ⚡ ادغام با فریم‌ورک‌ها (Laravel و Symfony) ## نصب می‌توانید این پکیج را از طریق Composer نصب کنید: ## استفاده سریع ### روش 1: PHP ساده تنها با 5 خط کد، تمام هدرهای امنیتی را فعال کنید: ### روش 2: ادغام با Laravel در Laravel، کافی است میدلور را اضافه کنید: سپس آن را در `bootstrap/app.php` ثبت کنید: ### روش 3: ادغام با Symfony ## پیکربندی سفارشی فعال‌سازی فقط هدرهای خاص: ### CSP سفارشی #### روش 1: استفاده از پیکربندی آرایه‌ای #### روش 2: استفاده از CSP Builder (API روان) #### ویژگی‌های پیشرفته CSP **تشخیص خودکار منابع خارجی از HTML:** **تزریق خودکار nonce به HTML:** **استفاده از hash برای اسکریپت‌های درون‌خطی به جای nonce:** ### HSTS سفارشی ### Custom Permissions Policy ## مستندات بیشتر برای مثال‌های بیشتر و راهنمای کامل، لطفاً به [راهنمای جامع](GUIDE.md) مراجعه کنید. ## مشارکت نظرات شما بسیار ارزشمند است! اگر پیشنهاد، ایده یا نظری دارید، لطفاً: * در GitHub یک issue باز کنید * نحوه استفاده خود از کتابخانه را به اشتراک بگذارید * بهبودها یا ویژگی‌های جدید را پیشنهاد دهید برای اطلاعات بیشتر در مورد نحوه مشارکت، به [CONTRIBUTING.md](CONTRIBUTING.md) مراجعه کنید. ## امنیت اگر مشکلات مرتبط با امنیت پیدا کردید، لطفاً به جای استفاده از issue tracker، به آدرس [email protected] ایمیل بزنید. ## مجوز مجوز MIT (MIT). لطفاً برای اطلاعات بیشتر به [فایل مجوز](LICENSE.md) مراجعه کنید.

All versions of php-secure-headers with dependencies

PHP Build Version
Package Version
Requires php Version ^8.1
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package easyshield/php-secure-headers contains the following files

Loading the files please wait ...