Go to Qiita Advent Calendar 2024 Top
LoginSignup
9
14

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 5 years have passed since last update.

@niiyz

Laravel5でHTTPレスポンスのヘッダー追記をAfterミドルウエアを作成してWebサイト全体に適応する。

Posted at

HTTPレスポンスヘッダーを追加するAfterミドルウエアを作成してWebページ全体に適応する。

  • セキュリティ対策などサイト全体に反映したいのでミドルウエアにする。

ミドルウエア作成

% php artisan make:middleware AddResponseHeaders
Middleware created successfully.
  • app/Http/Middleware/AddResponseHeaders.php を編集

    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        $response = $next($request);

        $response->header('TEST-HEADER',            'hoge');
        $response->header('Cache-control',          'no-store');
        $response->header('Pragma',                 'no-cache');
        $response->header('X-Frame-Options',        'Deny');
        $response->header('X-Content-Type-Options', 'nosniff');
        $response->header('X-XSS-Protection',       '1; mode=block');

        return $response;
    }

ミドルウエアをWebページに適用

  • ミドルウエアグループの「web」の配列に追記する。
  • routes/web.php に記述してあるルートのHTTPレスポンス全部に反映。
  • app/Http/Kernel.php を編集

    /**
     * The application's route middleware groups.
     *
     * @var array
     */
    protected $middlewareGroups = [
        'web' => [
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \Illuminate\Session\Middleware\StartSession::class,
            // \Illuminate\Session\Middleware\AuthenticateSession::class,
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
            \App\Http\Middleware\AddResponseHeaders::class,// <- 追記する
        ],
  • ミドルウエアがwebになっているルート全てに反映される。
% php artisan route:list
+--------+----------+----------+------+---------+--------------+
| Domain | Method   | URI      | Name | Action  | Middleware   |
+--------+----------+----------+------+---------+--------------+
|        | GET|HEAD | /        |      | Closure | web          |
|        | GET|HEAD | api/user |      | Closure | api,auth:api |
|        | GET|HEAD | test     |      | Closure | web          |
+--------+----------+----------+------+---------+--------------+

HTTPヘッダーを確認

% php artisan serve
Laravel development server started: <http://127.0.0.1:8000>
スクリーンショット 2018-05-06 11.34.02.png
9
14
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
9
14

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?