Malin a révisé ce gist . Aller à la révision
1 file changed, 20 insertions
headers.php(fichier créé)
| @@ -0,0 +1,20 @@ | |||
| 1 | + | // START - add Permissions-Policy Header | |
| 2 | + | header("Permissions-Policy: accelerometer 'none' ; ambient-light-sensor 'none' ; autoplay 'none' ; camera 'none' ; encrypted-media 'none' ; fullscreen 'none' ; geolocation 'none' ; gyroscope 'none' ; magnetometer 'none' ; microphone 'none' ; midi 'none' ; payment 'none' ; speaker 'none' ; sync-xhr 'none' ; usb 'none' ; notifications 'none' ; vibrate 'none' ; push 'none' ; vr 'none' "); | |
| 3 | + | // END - add Permissions-Policy Header | |
| 4 | + | ||
| 5 | + | // START - add Referrer-Policy Header | |
| 6 | + | header('Referrer-Policy: same-origin'); | |
| 7 | + | // END - add Referrer-Policy Header | |
| 8 | + | ||
| 9 | + | // START - add X-XSS-Protection Header | |
| 10 | + | header('X-XSS-Protection: 1; mode=block'); | |
| 11 | + | // START - add X-XSS-Protection Header | |
| 12 | + | ||
| 13 | + | // START - add X-Frame-Options Header | |
| 14 | + | header('X-Frame-Options: SAMEORIGIN'); | |
| 15 | + | // START - add X-Frame-Options Header | |
| 16 | + | ||
| 17 | + | // START - add X-Content-Type-Options Header | |
| 18 | + | header('X-Content-Type-Options: nosniff'); | |
| 19 | + | // START - add X-Content-Type-Options Header | |
| 20 | + | header('Access-Control-Allow-Origin: *'); | |
Plus récent
Plus ancien