Skip to content

SecureHeaders

  • Full name: \Codefy\Framework\Http\Middleware\SecureHeaders\SecureHeaders
  • This class is marked as final and can't be subclassed
  • This class is a Final class

Properties

compiled

protected bool $compiled

headers

protected array $headers

nonces

protected static array $nonces
  • This property is static.

config

protected array $config

Methods

__construct

public __construct(array $config = []): mixed

Parameters:

Parameter Type Description
$config array

headers

public headers(): array

compile

protected compile(): void

csp

protected csp(): array

hsts

Strict Transport Security.

protected hsts(): array|string[]

expectCT

protected expectCT(): array

clearSiteData

Generate Clear-Site-Data header.

protected clearSiteData(): array

permissionsPolicy

protected permissionsPolicy(): array

miscellaneous

Get Miscellaneous headers.

protected miscellaneous(): array

maxAge

protected maxAge(): string

reportUri

Get report-uri directive.

protected reportUri(): string

directive

Parse a specific permission policy value.

protected directive(array $config): string

Parameters:

Parameter Type Description
$config array

origins

Get valid origins.

protected origins(array $origins): array

Parameters:

Parameter Type Description
$origins array

nonce

Generate random nonce value for the current request.

public static nonce(string $target = 'script'): string
  • This method is static.

Parameters:

Parameter Type Description
$target string

Throws:

removeNonce

Remove a specific nonce value or flush all nonces for the given target.

public static removeNonce(string|null $target = null, string|null $nonce = null): void
  • This method is static.

Parameters:

Parameter Type Description
$target string|null
$nonce string|null

Automatically generated on 2025-10-13