Download the PHP package mazedlx/laravel-feature-policy without Composer

On this page you can find all versions of the php package mazedlx/laravel-feature-policy. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package laravel-feature-policy

Configure the browsers abilities

Latest Version on Packagist Tests Analyse and format Total Downloads

The Permissions-Policy, which previously was known as the Feature-Policy. But since it came out of draft, it was renamed to "Permissions-Policy".
The "Permissions-Policy" is an HTTP header which can be used to restrict the abilities of a browser.

Where the Content-Security-Policy focuses on security, the "Permissions-Policy" focuses on allowing or disabling the abilities of the browser.
This can be done though the HTTP header, which this package focuses on, but it can also do this through the allows attribute on the iframe element.

iframe example

More on the header itself can be found on the following sites.

Installation

Laravel 10 users should use v2.0 or newer, otherwise stick to v1.3

The package can be installed though composer:

After which the config file needs to be published:

Which looks like this:

Config file

Middleware

You can add "Feature-Policy" headers to all responses by registering Mazedlx\FeaturePolicy\AddFeaturePolicyHeaders::class in the HTTP kernel:

Middleware example

Alternatively you can add the middleware to a single route and route group:

Route example You could even pass a policy as a parameter and override the policy specified in the config file:

Usage

This package allows you to configure the policies that end up in the "Permissions-Policy" header.

This policy determines which directives will be set in the "Permissions-Policy" header of the response.

It uses the following syntax;

An example of a "Permissions-Policy" directive is microphone:

Permissions-Policy: microphone=(self "https://spatie.be")

In the above example by specifying microphone and allowing it for self makes the permission disabled for all origins except our own and https://spatie.be.

The current list of directives can be found here. Some of these are:

You can add multiple policy options as an array or as a single string with space-separated options:

Creating Policies

The policy key of the feature-policy config file is set to Mazedlx\FeaturePolicy\Policies\Basic::class by default, which allows your site to use a few of the available features. The class looks like this:

Basic policy

Let's say you're happy with allowing geolocation and fullscreen but also wanted to add www.awesomesite.com to gain access to this feature, then you can easily extend the class:

MyFeature policy

Don't forget to change the policy key in the feature-policy config file to the class name fo your policy (e.g. App\Services\Policies\MyFeaturePolicy).

Testing

You can run all tests with:

Changelog

Please see CHANGELOG for more information what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Contributers

Made with contrib.rocks.

Security

If you discover any security related issues please email [email protected] instead of using the issue tracker.

Credits

This package is strongly inspired by Spatie laravel-csp package. Thanks to Freek van der Herten and Thomas Verhelst for creating such an awesome package and doing all the heavy lifting!

Support

If you like this package please feel free to star it.

License

The MIT License (MIT). Please see LICENSE for more information.


All versions of laravel-feature-policy with dependencies

PHP Build Version
Package Version
Requires php Version ^8.1|^8.2
illuminate/http Version ^7.0|^8.0|^9.0|^10.0|^11.0
illuminate/support Version ^7.0|^8.0|^9.0|^10.0|^11.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package mazedlx/laravel-feature-policy contains the following files

Loading the files please wait ....