Laravel不添加自定义标题

时间:2014-12-10 23:18:59

标签: php http laravel http-headers

使用laravel,我试图将自己的标题添加到服务器的所有响应中。

我在filters.php中有以下内容:

App::after(function($request, $response)
{
    // security related 
    $response->headers->set('X-Frame-Options','deny'); // Anti clickjacking
    $response->headers->set('X-XSS-Protection', '1; mode=block'); // Anti cross site scripting (XSS)
    $response->headers->set('X-Content-Type-Options', 'nosniff'); // Reduce exposure to drive-by dl attacks
    $response->headers->set('Content-Security-Policy', 'default-src \'self\''); // Reduce risk of XSS, clickjacking, and other stuff
    // Don't cache stuff (we'll be updating the page frequently)
    $response->headers->set('Cache-Control', 'nocache, no-store, max-age=0, must-revalidate');
    $response->headers->set('Pragma', 'no-cache');
    $response->headers->set('Expires', 'Fri, 01 Jan 1990 00:00:00 GMT');
    // CRITICAL: do NOT delete
    $response->headers->set('X-Archer', 'DANGER ZONE');
});

然而,当我测试它时,没有新的标题出现:

[tesla | ~] => curl -o/dev/null -s -D - localhost
HTTP/1.1 200 OK
Date: Wed, 10 Dec 2014 23:13:30 GMT
Server: Apache
X-Powered-By: PHP/5.6.2
Content-Length: 974
Content-Type: text/html; charset=UTF-8

[tesla | ~] =>

我的日志文件中没有错误或警告。怎么会这样?

3 个答案:

答案 0 :(得分:5)

试试这个:在调用视图的控制器功能中,跟随对“响应”的调用。类:

$contents = View::make('your_view')->with('data', $data);
$response = Response::make($contents, 200);
$response->header('X-Frame-Options','deny'); // Anti clickjacking
$response->header('X-XSS-Protection', '1; mode=block'); // Anti cross site scripting (XSS)
$response->header('X-Content-Type-Options', 'nosniff'); // Reduce exposure to drive-by dl attacks
$response->header('Content-Security-Policy', 'default-src \'self\''); // Reduce risk of XSS, clickjacking, and other stuff
    // Don't cache stuff (we'll be updating the page frequently)
$response->header('Cache-Control', 'nocache, no-store, max-age=0, must-revalidate');
$response->header('Pragma', 'no-cache');
$response->header('Expires', 'Fri, 01 Jan 1990 00:00:00 GMT');
return $response;

当然,您可以重构上述内容并将其包含在辅助函数中。

答案 1 :(得分:0)

也是一个选项:

return Response::view('view_name', [
    'data' => $data,
  ])->header('X-Frame-Options','deny');

发现于:http://laravel.com/docs/4.2/responses#basic-responses

查看创建自定义回复

答案 2 :(得分:0)

class Data {
    public:
        void increment() {
            this->y_val += 1024;
        }
    private:
        int y_val;
};

int main() {
    Data obj;
    obj.y_val = 42;
    obj.increment(); // obj.y_val == 1066
    return 0;
}

laravel 5.8

相关问题
最新问题