Issues
- 7
- 3
Support for Reporting API and NEL header
#49 opened by arxeiss - 6
- 2
Laravel Horizon not loading UI
#82 opened by incoming-th - 1
- 4
- 2
Add CSP Report To
#65 opened by NKazantsev - 1
Add route whitelist
#67 opened by beard7 - 1
- 1
jquery.min.js
#75 opened by jd5am - 6
securityheaders.com still show Big red F
#76 opened by arshadanjum167 - 2
- 6
- 2
Unable to set multiple values to the frame-ancestors directive of the content-security-policy header
#73 opened by karamvirs - 4
Laravel 9 Support
#68 opened by HDVinnie - 4
Unrecognized feature: 'display-capture'
#37 opened by katranci - 2
undefined index: x-content-type-options
#61 opened by ChaerilM - 3
Error 500 in Laravel
#56 opened by robertnicjoo - 5
Please provide better examples for csp
#21 opened by dsingleton47 - 1
Incorrect option header name
#54 opened - 8
- 0
X-Powered-By header name
#50 opened by x0y-gt - 1
nonces not cleared when unit testing
#46 opened by wvdongen - 5
Add Nonce on Javascript Navigation
#45 opened by PanjiNamjaElf - 9
Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”).
#43 opened by urfusion - 5
Image data: Question
#41 opened by HDVinnie - 2
X-Powered-By Attack
#39 opened by HDVinnie - 2
- 7
Get Error parsing header in Chrome Console
#36 opened by Kokil - 2
Working with default settings.
#34 opened by voske - 4
- 3
Laravel Issue
#14 opened by chriskivaze - 8
The right way to config
#33 opened by Masoud180 - 2
Error EvalError: for scipt
#31 opened by hasiashiana - 10
I need use url logo in footers website
#29 opened by msadeqi - 5
- 0
question about sha integrity approach
#30 opened by ChaerilM - 2
CSP missing after latest release
#28 opened by austintoddj - 4
Add New Header: Feature Policy
#27 opened by austintoddj - 1
Feedback for last commits :)
#26 opened by JohanMa4 - 1
How to setup 'script-src' on https protocol?
#24 opened by JohanMa4 - 3
- 2
Error when loading data:image - violates csp
#20 opened by redroses - 2
CSP Level 3 changes - "Child-src" Deprecated, Replaced by "frame-src" that is undeprecated, and "worker-src" is added
#17 opened by PrinsFrank - 1
Tags after merge
#19 opened by ruudy-es - 2
not able to allow socket.io
#12 opened by nomadtechiemike - 6
Laravel duplicates X-Content-Type-Options header
#11 opened by johnboc - 5
Support for blob:
#10 opened by grafikkaos - 2
- 0