Modern browsers offer a variety of security mechanisms for web developers. Unfortunately, some of these aren’t so easy to manage. One needs a deep understanding of the functionality as well as theory behind. Secure Headers is a library that makes all that work a lot easier for PHP developers. Here are some of the features:
- Add/remove and manage headers easily
- Build a Content Security Policy, or combine multiple together
- Content Security Policy analysis
- Easy integeration with arbitrary frameworks (take a look at the HttpAdapter)
- Protect incorrectly set cookies
- Strict mode
- Safe mode prevents accidental long-term self-DOS when using HSTS, or HPKP
- Receive warnings about missing, or misconfigured security headers