Issue
I want to protect my website from clickjacking attacks. In which file, and where, should I set X-Frame-Options to prevent clickjacking attacks?
Solution
You have 2 ways:
- Set it up in a reverse proxy such as Nginx:

    add_header X-Frame-Options "SAMEORIGIN";

- Use the Laravel middleware Illuminate\Http\Middleware\FrameGuard on the routes you want to protect.

    <?php

    namespace Illuminate\Http\Middleware;

    use Closure;

    class FrameGuard
    {
        /**
         * Handle the given request and get the response.
         *
         * @param  \Illuminate\Http\Request  $request
         * @param  \Closure  $next
         * @return \Symfony\Component\HttpFoundation\Response
         */
        public function handle($request, Closure $next)
        {
            $response = $next($request);

            $response->headers->set('X-Frame-Options', 'SAMEORIGIN', false);

            return $response;
        }
    }

Answered By - Shizzen83 Answer Checked By - Katrina (PHPFixing Volunteer)
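
The answer names the middleware but does not show how to attach it. The following is an added example, not part of the original answer or of Laravel itself: a feature test that puts `FrameGuard` on a route group and asserts the header on the response. It assumes the default Laravel skeleton (`Tests\TestCase`) and PHP 7.4+; the `/_test/...` paths and the file name are made up for illustration.

```php
<?php
// tests/Feature/FrameGuardTest.php (hypothetical file name)

namespace Tests\Feature;

use Illuminate\Http\Middleware\FrameGuard;
use Illuminate\Support\Facades\Route;
use Tests\TestCase;

class FrameGuardTest extends TestCase
{
    protected function setUp(): void
    {
        parent::setUp();

        // In an application this grouping would live in routes/web.php.
        // Every route inside the group passes through FrameGuard.
        Route::middleware(FrameGuard::class)->group(function () {
            Route::get('/_test/account', fn () => 'account page');
        });

        // A page that is meant to be embedded elsewhere stays outside the group.
        Route::get('/_test/embed', fn () => 'widget');
    }

    public function test_guarded_route_sends_sameorigin(): void
    {
        $this->get('/_test/account')
            ->assertOk()
            ->assertHeader('X-Frame-Options', 'SAMEORIGIN');
    }

    public function test_unguarded_route_has_no_frame_header(): void
    {
        // Confirms the header comes from the middleware, not from a global default.
        $this->get('/_test/embed')
            ->assertOk()
            ->assertHeaderMissing('X-Frame-Options');
    }
}
```

Laravel feature tests call the application directly, so a header added by Nginx will not show up here; check that variant against the deployed site.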