Skip to content

Zae/strict-transport-security

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
src
src
 
 
tests/PHPUnit
tests/PHPUnit
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
composer.json
composer.json
 
 
phpunit.xml.dist
phpunit.xml.dist
 
 

Repository files navigation

strict-transport-security

Latest Version Software License Build Status Total Downloads

Enable HTTP Strict Transport Security using HTTP Middleware

L4 / L5

Middleware is available for both Laravel 4 and 5.

Install

Via Composer

$ composer require zae/strict-transport-security

Usage

Laravel 5

Add the class Zae\StrictTransportSecurity\Middleware\L5\StrictTransportSecurity to the $middlewares array.

#app/Http/Kernel.php

protected $middleware = [
	'Illuminate\View\Middleware\ShareErrorsFromSession',
	'Zae\StrictTransportSecurity\Middleware\L5\StrictTransportSecurity',
];

It's not strictly required to use the middleware but if you want to use the vendor:publish command add the service provider Zae\StrictTransportSecurity\ServiceProvider\L5HTSTServiceProvider to the providers array in the app config.

#config/app.php

return [
	'providers' => [
		Illuminate\View\ViewServiceProvider::class,

		Zae\StrictTransportSecurity\ServiceProvider\L5HTSTServiceProvider::class,
	],
];

Publish the config with php artisan vendor:publish. This file will be created at config/hsts.php.

Laravel 4

Add the serviceprovider to the list of service providers: Zae\StrictTransportSecurity\ServiceProvider\L4HTSTServiceProvider

#app/config.php

'providers' => array(
	'Illuminate\Foundation\Providers\ArtisanServiceProvider',
	'Illuminate\Auth\AuthServiceProvider',
	
	'Zae\StrictTransportSecurity\ServiceProvider\L4HTSTServiceProvider',
),

Silex Example

require __DIR__ . '/../vendor/autoload.php';

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;

$app = new Silex\Application();

$app->get('/', function(Request $request) {
return new Response('Hello world!', 200);
});

$app = (new Stack\Builder())
->push('Zae\StrictTransportSecurity\Middleware\L4\StrictTransportSecurity', [new \Zae\StrictTransportSecurity\HSTS(new Illuminate\Config\Repository())])
->resolve($app)
;

$request = Request::createFromGlobals();
$response = $app->handle($request)->send();

$app->terminate($request, $response);

Symfony Example

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Debug\Debug;

$loader = require_once __DIR__.'/../app/bootstrap.php.cache';
Debug::enable();

require_once __DIR__.'/../app/AppKernel.php';

$kernel = new AppKernel('dev', true);
$kernel->loadClassCache();

$app = (new Stack\Builder())
	->push('Zae\StrictTransportSecurity\Middleware\L4\StrictTransportSecurity', [new \Zae\StrictTransportSecurity\HSTS(new Illuminate\Config\Repository())])
	->resolve($app)
;

$kernel = $stack->resolve($kernel);

Request::enableHttpMethodParameterOverride();
$request = Request::createFromGlobals();
$response = $kernel->handle($request);
$response->send();
$kernel->terminate($request, $response);

Testing

$ phpunit

Contributing

Contributions are welcome via pull requests on github.

Credits

License

The MIT License (MIT). Please see License File for more information.

About

Set the Strict Transport Security with middleware

Resources

Readme

License

MIT license
Activity

Stars

7 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases 1

0.0.3 Latest
Feb 23, 2016

Packages

No packages published

Languages