PHP code example of revolution / laravel-fetch-metadata
1. Go to this page and download the library: Download revolution/laravel-fetch-metadata library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
revolution / laravel-fetch-metadata example snippets
use Illuminate\Foundation\Configuration\Middleware;
use Revolution\FetchMetadata\Middleware\SecFetchSite;
use Revolution\FetchMetadata\Middleware\SecFetchMode;
use Revolution\FetchMetadata\Middleware\SecFetchDest;
use Revolution\FetchMetadata\Middleware\SecFetchUser;
->withMiddleware(function (Middleware $middleware) {
$middleware->alias([
'sec-fetch-site' => SecFetchSite::class,
'sec-fetch-mode' => SecFetchMode::class,
'sec-fetch-dest' => SecFetchDest::class,
'sec-fetch-user' => SecFetchUser::class,
]);
})
use Illuminate\Foundation\Configuration\Middleware;
use Revolution\FetchMetadata\Middleware\SecFetchSite;
->withMiddleware(function (Middleware $middleware) {
$middleware->alias([
'sec-fetch-site' => SecFetchSite::class,
]);
})
use Illuminate\Foundation\Configuration\Middleware;
use Revolution\FetchMetadata\Middleware\SecFetchSite;
->withMiddleware(function (Middleware $middleware) {
$middleware->alias([
'sec-site' => SecFetchSite::class,
]);
})
use Illuminate\Support\Facades\Route;
use Illuminate\Http\Request;
Route::post('user/update-password', function (Request $request){
//
})->middleware('sec-fetch-site');
use Illuminate\Support\Facades\Route;
use Illuminate\Http\Request;
Route::post('user/update-password', function (Request $request){
//
})->middleware('sec-fetch-site:cross-site');
use Illuminate\Support\Facades\Route;
use Illuminate\Http\Request;
Route::post('user/update-password', function (Request $request){
//
})->middleware('sec-fetch-site:same-origin,cross-site');
use Illuminate\Support\Facades\Route;
use Illuminate\Http\Request;
use Revolution\FetchMetadata\Middleware\SecFetchSite;
Route::post('user/update-password', function (Request $request){
//
})->middleware(SecFetchSite::class);
Route::post('user/update-password', function (Request $request){
//
})->middleware(SecFetchSite::class.':same-origin,cross-site');
// Only allow requests from the same origin or direct user navigation
Route::post('user/delete-account', function (Request $request) {
// Handle account deletion
})->middleware('sec-fetch-site');
// Allow requests from any origin for public API endpoints
Route::get('api/public/data', function (Request $request) {
return response()->json(['data' => 'public']);
})->middleware('sec-fetch-site:same-origin,cross-site,same-site');
// Only allow requests from the exact same origin
Route::post('admin/settings', function (Request $request) {
// Handle admin settings
})->middleware('sec-fetch-site:same-origin');
// Allow requests from subdomains of the same site
Route::post('api/internal', function (Request $request) {
// Handle internal API calls
})->middleware('sec-fetch-site:same-origin,same-site');
// Only allow navigation requests (user clicking links/submitting forms)
Route::post('contact/submit', function (Request $request) {
// Handle contact form submission
})->middleware('sec-fetch-mode:navigate');
// Allow both navigation and CORS requests for API endpoints
Route::post('api/data', function (Request $request) {
return response()->json(['status' => 'success']);
})->middleware('sec-fetch-mode'); // Uses default: navigate,cors
// Only allow user-initiated navigation (clicking links, form submissions)
Route::post('user/login', function (Request $request) {
// Handle user login
})->middleware('sec-fetch-mode:navigate');
// Allow navigation, CORS, no-cors, same-origin, and websocket requests
Route::post('api/webhook', function (Request $request) {
// Handle webhook data
})->middleware('sec-fetch-mode:navigate,cors,no-cors,same-origin,websocket');
// Use both Sec-Fetch-Site and Sec-Fetch-Mode for enhanced security
Route::post('user/update-profile', function (Request $request) {
// Handle profile updates
})->middleware(['sec-fetch-site:same-origin', 'sec-fetch-mode:navigate']);
// Only allow requests initiated by user interaction
Route::post('user/transfer-funds', function (Request $request) {
// Handle fund transfers
})->middleware('sec-fetch-user');
// Block automated bot submissions on contact forms
Route::post('contact/submit', function (Request $request) {
// Handle contact form submission
})->middleware('sec-fetch-user');
// Prevent automated data harvesting
Route::get('api/user/profile', function (Request $request) {
return response()->json(['profile' => 'data']);
})->middleware('sec-fetch-user');
// Use multiple fetch metadata headers for maximum protection
Route::post('admin/critical-action', function (Request $request) {
// Handle critical admin actions
})->middleware(['sec-fetch-site:same-origin', 'sec-fetch-mode:navigate', 'sec-fetch-user']);
use Illuminate\Http\Request;
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
->withExceptions(function (Exceptions $exceptions) {
$exceptions->render(function (BadRequestHttpException $e, Request $request) {
if ($request->expectsJson()) {
return response()->json([
'message' => $e->getMessage(),
], 400);
}
});
})
Loading please wait ...
Before you can download the PHP files, the dependencies should be resolved. This can take some minutes. Please be patient.