Concrete CMS Package: Macareux Security Header Extended

Add security header to mitigate some types of attacks.

If you consider to mitigate CVE-2021-22954 without editing server configuration, you can use this add-on.
Ref: CVE-2021-22954 and mitigations below Concrete Version 9

Supported Headers

Cross-Origin-Resource-Policy (CORP)
Cross-Origin-Opener-Policy (COOP)
Cross-Origin-Embedder-Policy (COEP)
Access-Control-Allow-Origin

Headers supported by core

X-Frame-Options
Strict-Transport-Security (HSTS) (v9+)
Content Security Policy (CSP) (v9+)

Todo

~~X-XSS-Protection~~ (Recommended not to set)
X-Content-Type-Options

Name		Name	Last commit message	Last commit date
Latest commit History 23 Commits
controllers/single_page/dashboard/system/environment		controllers/single_page/dashboard/system/environment
install		install
single_pages/dashboard/system/environment		single_pages/dashboard/system/environment
src/Http/Middleware		src/Http/Middleware
.gitignore		.gitignore
CHANGELOG.md		CHANGELOG.md
LICENSE		LICENSE
README.md		README.md
composer.json		composer.json
controller.php		controller.php
icon.png		icon.png

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Uh oh!

Repository files navigation

Concrete CMS Package: Macareux Security Header Extended

Supported Headers

Headers supported by core

Todo

About

Uh oh!

Releases

Packages

Uh oh!

Contributors 2

Uh oh!

Languages

Uh oh!

License

Uh oh!

MacareuxDigital/md_security_header_extended

Folders and files

Latest commit

History

Repository files navigation

Concrete CMS Package: Macareux Security Header Extended

Supported Headers

Headers supported by core

Todo

About

Topics

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors 2

Uh oh!

Languages

Packages