{"id":27844,"date":"2017-08-14T09:30:07","date_gmt":"2017-08-14T07:30:07","guid":{"rendered":"https:\/\/mamchenkov.net\/wordpress\/?p=27844"},"modified":"2017-08-14T09:30:07","modified_gmt":"2017-08-14T07:30:07","slug":"secure-headers-a-php-library-for-easier-management-of-browser-security-features","status":"publish","type":"post","link":"https:\/\/mamchenkov.net\/wordpress\/2017\/08\/14\/secure-headers-a-php-library-for-easier-management-of-browser-security-features\/","title":{"rendered":"Secure Headers &#8211; a PHP library for easier management of browser security features"},"content":{"rendered":"<!-- google_ad_section_start -->\n<p>Modern browsers offer a variety of security mechanisms for web developers. \u00a0Unfortunately, some of these aren&#8217;t so easy to manage. \u00a0One needs a deep understanding of the functionality as well as theory behind. \u00a0<a href=\"https:\/\/github.com\/aidantwoods\/SecureHeaders\">Secure Headers<\/a> is a library that makes all that work a lot easier for PHP developers. \u00a0Here are some of the features:<\/p>\n<ul>\n<li>Add\/remove and manage headers easily<\/li>\n<li>Build a Content Security Policy, or combine multiple together<\/li>\n<li>Content Security Policy analysis<\/li>\n<li>Easy integeration with arbitrary frameworks (take a look at the HttpAdapter)<\/li>\n<li>Protect incorrectly set cookies<\/li>\n<li>Strict mode<\/li>\n<li>Safe mode prevents accidental long-term self-DOS when using HSTS, or HPKP<\/li>\n<li>Receive warnings about missing, or misconfigured security headers<\/li>\n<\/ul>\n<!-- google_ad_section_end -->\n","protected":false},"excerpt":{"rendered":"<!-- google_ad_section_start -->\n<p>Modern browsers offer a variety of security mechanisms for web developers. \u00a0Unfortunately, some of these aren&#8217;t so easy to manage. \u00a0One needs a deep understanding of the functionality as well as theory behind. \u00a0Secure Headers is a library that makes all that work a lot easier for PHP developers. \u00a0Here are some of the features: &hellip; <a href=\"https:\/\/mamchenkov.net\/wordpress\/2017\/08\/14\/secure-headers-a-php-library-for-easier-management-of-browser-security-features\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Secure Headers &#8211; a PHP library for easier management of browser security features<\/span><\/a><\/p>\n<!-- google_ad_section_end -->\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"Secure Headers - a PHP library for easier management of browser security features #PHP #security #browsers","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false,"_links_to":"","_links_to_target":""},"categories":[1,18,133,62,1334],"tags":[20,3225,38,200,1330],"keyring_services":[],"class_list":["post-27844","post","type-post","status-publish","format-standard","hentry","category-general","category-programming","category-sysadmin","category-technology","category-web-work","tag-browsers","tag-http","tag-php","tag-security","tag-web-development"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":28610,"url":"https:\/\/mamchenkov.net\/wordpress\/2018\/06\/07\/http-the-headers-we-want\/","url_meta":{"origin":27844,"position":0},"title":"HTTP : The headers we want","author":"Leonid Mamchenkov","date":"June 7, 2018","format":false,"excerpt":"\"The headers we want\" is a very simple, straight to the point blog post on the Fastly blog.\u00a0 Unlike many other more generic articles on the subject, it doesn't try to explain the meaning of every HTTP header out there, and it doesn't go into deep theory or the meaning\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2018\/06\/server-timing-500x183.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":49042,"url":"https:\/\/mamchenkov.net\/wordpress\/2020\/05\/25\/send-additional-http-headers-to-nginxs-fastcgi\/","url_meta":{"origin":27844,"position":1},"title":"Send additional HTTP headers to Nginx&#8217;s FastCGI","author":"Leonid Mamchenkov","date":"May 25, 2020","format":false,"excerpt":"It's not that often that I come across a useful, but undocumented feature in a major software application.\u00a0 It happened recently, so I'll document it here just for the future self. For a particular setup, I had to send additional HTTP headers (let's use X-GEOIP for this example) to the\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":12046,"url":"https:\/\/mamchenkov.net\/wordpress\/2009\/12\/09\/web-statistics-and-visitor-tracking-things-you-need-to-know\/","url_meta":{"origin":27844,"position":2},"title":"Web statistics and visitor tracking : things you need to know","author":"Leonid Mamchenkov","date":"December 9, 2009","format":false,"excerpt":"First of all, just to make it clear, I don't recommend writing your own web statistics \/ analytics \/ tracking application. \u00a0Google Analytics can track and report pretty much everything you will ever need. Period. If you think it can't do it, chances are you just don't know how. \u00a0That's\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":28180,"url":"https:\/\/mamchenkov.net\/wordpress\/2017\/11\/06\/clockwork-php-developer-tools-integration-for-google-chrome\/","url_meta":{"origin":27844,"position":3},"title":"Clockwork &#8211; PHP developer tools integration for Google Chrome","author":"Leonid Mamchenkov","date":"November 6, 2017","format":false,"excerpt":"Clockwork is a PHP library and a Google Chrome extension that work together to provide a new tab in the Google Chrome DevTools for PHP developers.\u00a0 The tab contains all sorts of useful information such as variable values, application tracing, timing, and more.","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2017\/11\/clockwork-500x223.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":27490,"url":"https:\/\/mamchenkov.net\/wordpress\/2017\/04\/09\/charles-web-debugging-proxy-application\/","url_meta":{"origin":27844,"position":4},"title":"Charles &#8211; web debugging proxy application","author":"Leonid Mamchenkov","date":"April 9, 2017","format":false,"excerpt":"Charles is a web debugging proxy application for Windows, Mac OS, and Linux. \u00a0Here's a quick description from the project's website: Charles is an HTTP proxy \/ HTTP monitor \/ Reverse Proxy that enables a developer to view all of the HTTP and SSL \/ HTTPS traffic between their machine\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2017\/04\/charles-macosx-500x387.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":28282,"url":"https:\/\/mamchenkov.net\/wordpress\/2017\/12\/18\/the-2018-guide-to-building-secure-php-software\/","url_meta":{"origin":27844,"position":5},"title":"The 2018 Guide to Building Secure PHP Software","author":"Leonid Mamchenkov","date":"December 18, 2017","format":false,"excerpt":"\"The 2018 Guide to Building Secure PHP Software\" is an excellent guide to writing modern PHP applications with security in mind.\u00a0 It covers a bunch of the usual topics, but provides fresher solutions than most other similar guides.","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2017\/12\/php-security-2018-500x204.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]}],"jetpack_sharing_enabled":true,"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts\/27844","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/comments?post=27844"}],"version-history":[{"count":0,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts\/27844\/revisions"}],"wp:attachment":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/media?parent=27844"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/categories?post=27844"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/tags?post=27844"},{"taxonomy":"keyring_services","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/keyring_services?post=27844"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}