add same security headers
vahidalvandi opened this issue · 1 comments
vahidalvandi commented
in this package have same security i add all in this middlware
https://github.com/getspooky/Laravel-Mitnick/tree/master/src/Security
`<?php
namespace webine\base\http\middleware;
use Closure;
use Illuminate\Http\Request;
class security_headers
{
public function handle(Request $request, Closure $next)
{
$response = $next($request);
//add from https://github.com/getspooky/Laravel-Mitnick/tree/master/src/Security
$response->header('X-Frame-Options', 'deny');
$response->header('Cache-Control', 'no-store, no-cache, must-revalidate, max-age=0, s-maxage=0');
$response->header('X-DNS-Prefetch-Control', 'off');
$response->header('Strict-Transport-Security', 'max-age=5184000,preload');
$response->header('X-Content-Type-Options', 'nosniff');
header_remove("X-Powered-By");
return $response;
}
}
`
denisdulici commented
Feel free to send a PR.