Changeset View
Changeset View
Standalone View
Standalone View
src/app/Http/Middleware/ContentSecurityPolicy.php
Show All 19 Lines | public function handle($request, Closure $next) | ||||
'csp' => 'Content-Security-Policy', | 'csp' => 'Content-Security-Policy', | ||||
'xfo' => 'X-Frame-Options', | 'xfo' => 'X-Frame-Options', | ||||
]; | ]; | ||||
$next = $next($request); | $next = $next($request); | ||||
foreach ($headers as $opt => $header) { | foreach ($headers as $opt => $header) { | ||||
if ($value = \config("app.headers.{$opt}")) { | if ($value = \config("app.headers.{$opt}")) { | ||||
$next->header($header, $value); | $next->headers->set($header, $value); | ||||
} | } | ||||
} | } | ||||
return $next; | return $next; | ||||
} | } | ||||
} | } |