alumnos_ti/OnAPB-Carrere_Demartin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Ahora si :)))))))))))))))))

Browse Source
This commit is contained in:
Laucha1312
2026-06-04 15:10:18 -03:00
parent 47408d49fc
commit 1a8c01ae45
167 changed files with 15870 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/Http/Middleware/SecurityHeaders.php
+40
View File
@@ -0,0 +1,40 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
class SecurityHeaders
{
public function handle(Request $request, Closure $next)
{
$response = $next($request);
$response->headers->set('X-Frame-Options', 'SAMEORIGIN');
$response->headers->set('X-Content-Type-Options', 'nosniff');
$response->headers->set('X-XSS-Protection', '1; mode=block');
$response->headers->set('Referrer-Policy', 'strict-origin-when-cross-origin');
$response->headers->set(
'Permissions-Policy',
'camera=(), microphone=(), geolocation=()'
);
$response->headers->set(
'Strict-Transport-Security',
'max-age=31536000; includeSubDomains; preload'
);
$response->headers->set(
'Content-Security-Policy',
"default-src 'self'; " .
"script-src 'self' 'unsafe-inline' 'unsafe-eval' https://challenges.cloudflare.com; " .
"style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; " .
"font-src 'self' data: https://fonts.gstatic.com; " .
"img-src 'self' data: https:; " .
"connect-src 'self' https://challenges.cloudflare.com; " .
"frame-src 'self' https://challenges.cloudflare.com; " .
"frame-ancestors 'self';"
);
return $response;
}
}