zae/strict-transport-security

设置 HSTS 头部以启用 HTTP 严格传输安全

维护者

详细信息

github.com/Zae/strict-transport-security

源代码

问题

安装数: 87,193

依赖: 0

建议者: 2

安全: 0

星星: 7

关注者: 2

分支: 1

开放问题: 0

0.0.3 2016-02-23 21:19 UTC

Requires

Requires (Dev)

MIT ffb26f953c4bcb3d72920fa53f5e73984b69e5dc

  • Ezra Pool <ezra.woop@tsdme.nl>

httpmiddlewarelaravelsslLaravel 4StackPHPlaravel 5tslhstsstrict transport security

This package is auto-updated.

Last update: 2024-09-10 09:41:01 UTC

README

Latest Version Software License Build Status Total Downloads

使用 HTTP 中间件启用 HTTP 严格传输安全

L4 / L5

中间件适用于 Laravel 4 和 5。

安装

通过 Composer

$ composer require zae/strict-transport-security

用法

Laravel 5

将类 Zae\StrictTransportSecurity\Middleware\L5\StrictTransportSecurity 添加到 $middlewares 数组。

#app/Http/Kernel.php

protected $middleware = [
	'Illuminate\View\Middleware\ShareErrorsFromSession',
	'Zae\StrictTransportSecurity\Middleware\L5\StrictTransportSecurity',
];

使用中间件不是强制性的,但如果你想使用 vendor:publish 命令,请将服务提供者 Zae\StrictTransportSecurity\ServiceProvider\L5HTSTServiceProvider 添加到应用配置中的 providers 数组。

#config/app.php

return [
	'providers' => [
		Illuminate\View\ViewServiceProvider::class,

		Zae\StrictTransportSecurity\ServiceProvider\L5HTSTServiceProvider::class,
	],
];

使用 php artisan vendor:publish 发布配置。此文件将创建在 config/hsts.php

Laravel 4

将服务提供者添加到服务提供者列表:Zae\StrictTransportSecurity\ServiceProvider\L4HTSTServiceProvider

#app/config.php

'providers' => array(
	'Illuminate\Foundation\Providers\ArtisanServiceProvider',
	'Illuminate\Auth\AuthServiceProvider',
	
	'Zae\StrictTransportSecurity\ServiceProvider\L4HTSTServiceProvider',
),

Silex 示例

require __DIR__ . '/../vendor/autoload.php';

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;

$app = new Silex\Application();

$app->get('/', function(Request $request) {
return new Response('Hello world!', 200);
});

$app = (new Stack\Builder())
->push('Zae\StrictTransportSecurity\Middleware\L4\StrictTransportSecurity', [new \Zae\StrictTransportSecurity\HSTS(new Illuminate\Config\Repository())])
->resolve($app)
;

$request = Request::createFromGlobals();
$response = $app->handle($request)->send();

$app->terminate($request, $response);

Symfony 示例

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Debug\Debug;

$loader = require_once __DIR__.'/../app/bootstrap.php.cache';
Debug::enable();

require_once __DIR__.'/../app/AppKernel.php';

$kernel = new AppKernel('dev', true);
$kernel->loadClassCache();

$app = (new Stack\Builder())
	->push('Zae\StrictTransportSecurity\Middleware\L4\StrictTransportSecurity', [new \Zae\StrictTransportSecurity\HSTS(new Illuminate\Config\Repository())])
	->resolve($app)
;

$kernel = $stack->resolve($kernel);

Request::enableHttpMethodParameterOverride();
$request = Request::createFromGlobals();
$response = $kernel->handle($request);
$response->send();
$kernel->terminate($request, $response);

测试

$ phpunit

贡献

欢迎通过 github 上的 pull request 进行贡献。

鸣谢

许可证

MIT 许可证 (MIT)。请参阅许可证文件以获取更多信息。