mikica/clickjacking-middleware

Provides clickjacking protection via the X-Frame-Options header.

Maintainers

Details

github.com/mikicaivosevic/clickjacking-middleware

Source

Issues

Installs: 1 161

Dependents: 0

Suggesters: 0

Security: 0

Stars: 7

Watchers: 2

Forks: 1

Open Issues: 0

1.07 2018-10-07 09:25 UTC

Requires

Requires (Dev)

BSD-3-Clause 1e23fd0c49432ffd346062a4b71f1ccecf270f37

  • Mikica Ivosevic <mikica.ivosevic.woop@gmail.com>

middlewarepsr-7X-Frame-Optionsclickjacking

This package is auto-updated.

Last update: 2024-11-08 08:16:47 UTC

README

PSR-7 Middleware that provides clickjacking protection via the X-Frame-Options header.

Middleware that sets the X-Frame-Options HTTP header in HTTP responses. Does not set the header if it's already set. By default, sets the X-Frame-Options header to 'SAMEORIGIN', meaning the response can only be loaded on a frame within the same site.

Note: older browsers will quietly ignore this header, thus other clickjacking protection techniques should be used if protection in those browsers is required.

Installation

composer require mikica/clickjacking-middleware

Usage

In Slim 3:

//new Clickjacking\Middleware\XFrameOptions("DENY")
$app->add(new Clickjacking\Middleware\XFrameOptions());

$app->get('/', function ($request, $response, $args) {
    return $response;
});