mirror/Part-DB.Part-DB-server
1
0
Fork 1
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2025-06-20 17:15:51 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Added some basic security configuration with NelmioSecurityBundle.

Browse source
This commit is contained in:
Jan Böhmer 2020-06-08 20:23:35 +02:00
parent 59d1349ce8
commit 581dcae2ef
5 changed files with 232 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
composer.json
View file

@ -21,6 +21,7 @@
"gregwar/captcha-bundle": "^2.1.0",
"league/html-to-markdown": "^4.8",
"liip/imagine-bundle": "^2.2",
"nelmio/security-bundle": "^2.9",
"nyholm/psr7": "^1.1",
"ocramius/proxy-manager": "2.2.*",
"omines/datatables-bundle": "^0.4.0",

182
composer.lock generated
View file

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "4c03a0cabed4fc08ab4f6e0fe85dd2bf",
"content-hash": "00430370b53cd18db3a0a78b70ab6b93",
"packages": [
{
"name": "beberlei/assert",
@ -168,6 +168,62 @@
],
"time": "2020-04-15T15:59:35+00:00"
},
{
"name": "composer/ca-bundle",
"version": "1.2.7",
"source": {
"type": "git",
"url": "https://github.com/composer/ca-bundle.git",
"reference": "95c63ab2117a72f48f5a55da9740a3273d45b7fd"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/composer/ca-bundle/zipball/95c63ab2117a72f48f5a55da9740a3273d45b7fd",
"reference": "95c63ab2117a72f48f5a55da9740a3273d45b7fd",
"shasum": ""
},
"require": {
"ext-openssl": "*",
"ext-pcre": "*",
"php": "^5.3.2 || ^7.0 || ^8.0"
},
"require-dev": {
"phpunit/phpunit": "^4.8.35 || ^5.7 || 6.5 - 8",
"psr/log": "^1.0",
"symfony/process": "^2.5 || ^3.0 || ^4.0 || ^5.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.x-dev"
}
},
"autoload": {
"psr-4": {
"Composer\\CaBundle\\": "src"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Jordi Boggiano",
"email": "j.boggiano@seld.be",
"homepage": "http://seld.be"
}
],
"description": "Lets you find a path to the system CA bundle, and includes a fallback to the Mozilla CA bundle.",
"keywords": [
"cabundle",
"cacert",
"certificate",
"ssl",
"tls"
],
"time": "2020-04-08T08:27:21+00:00"
},
{
"name": "doctrine/annotations",
"version": "1.10.3",
@ -2330,6 +2386,73 @@
],
"time": "2020-05-22T08:12:19+00:00"
},
{
"name": "nelmio/security-bundle",
"version": "v2.9.1",
"source": {
"type": "git",
"url": "https://github.com/nelmio/NelmioSecurityBundle.git",
"reference": "89ac385b28496691bfa7eef24d60aec9f20021a1"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/nelmio/NelmioSecurityBundle/zipball/89ac385b28496691bfa7eef24d60aec9f20021a1",
"reference": "89ac385b28496691bfa7eef24d60aec9f20021a1",
"shasum": ""
},
"require": {
"paragonie/random_compat": "~1.0|~2.0|9.99.99",
"php": ">5.4",
"symfony/framework-bundle": "~2.3|~v3.0|~4.0|~5.0",
"symfony/security-core": "~2.3|~3.0|~4.0|~5.0",
"symfony/security-csrf": "~2.3|~3.0|~4.0|~5.0",
"symfony/security-http": "~2.3|~3.0|~4.0|~5.0",
"ua-parser/uap-php": "^3.4.4"
},
"require-dev": {
"doctrine/cache": "^1.0",
"psr/cache": "^1.0",
"symfony/phpunit-bridge": "^5.0.5",
"symfony/yaml": "~2.3|~3.0|~4.0|~5.0",
"twig/twig": "^1.38|^2.10|^3.0"
},
"suggest": {
"ua-parser/uap-php": "To allow adapt CSP directives given the user-agent"
},
"type": "symfony-bundle",
"extra": {
"branch-alias": {
"dev-master": "2.9.x-dev"
}
},
"autoload": {
"psr-4": {
"Nelmio\\SecurityBundle\\": ""
},
"exclude-from-classmap": [
"/Tests/"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Nelmio",
"homepage": "http://nelm.io"
},
{
"name": "Symfony Community",
"homepage": "https://github.com/nelmio/NelmioSecurityBundle/contributors"
}
],
"description": "Extra security-related features for Symfony: signed/encrypted cookies, HTTPS/SSL/HSTS handling, cookie session storage, ...",
"keywords": [
"security"
],
"time": "2020-05-11T08:12:17+00:00"
},
{
"name": "nikic/php-parser",
"version": "v4.5.0",
@ -9639,6 +9762,63 @@
],
"time": "2020-02-11T15:33:47+00:00"
},
{
"name": "ua-parser/uap-php",
"version": "v3.9.8",
"source": {
"type": "git",
"url": "https://github.com/ua-parser/uap-php.git",
"reference": "fde0bd76ebd21cebfabc90a3a0d927754cb4f739"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/ua-parser/uap-php/zipball/fde0bd76ebd21cebfabc90a3a0d927754cb4f739",
"reference": "fde0bd76ebd21cebfabc90a3a0d927754cb4f739",
"shasum": ""
},
"require": {
"composer/ca-bundle": "^1.1",
"php": "^7.2"
},
"require-dev": {
"phpunit/phpunit": "^7 || ^8 || ^9",
"symfony/console": "^3.4 || ^4.3 || ^5.0",
"symfony/filesystem": "^3.4 || ^4.3 || ^5.0",
"symfony/finder": "^3.4 || ^4.3 || ^5.0",
"symfony/yaml": "^3.4 || ^4.3 || ^5.0"
},
"suggest": {
"symfony/console": "Required for CLI usage - ^3.4 || ^4.3 || ^5.0",
"symfony/filesystem": "Required for CLI usage - ^3.4 || ^4.3 || ^5.0",
"symfony/finder": "Required for CLI usage - ^3.4 || ^4.3 || ^5.0",
"symfony/yaml": "Required for CLI usage - ^3.4 || ^4.3 || ^5.0"
},
"bin": [
"bin/uaparser"
],
"type": "library",
"autoload": {
"psr-4": {
"UAParser\\": "src"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Dave Olsen",
"email": "dmolsen@gmail.com"
},
{
"name": "Lars Strojny",
"email": "lars@strojny.net"
}
],
"description": "A multi-language port of Browserscope's user agent parser.",
"time": "2020-04-28T08:09:42+00:00"
},
{
"name": "webmozart/assert",
"version": "1.8.0",

1
config/bundles.php
View file

@ -25,4 +25,5 @@ return [
Translation\Bundle\TranslationBundle::class => ['all' => true],
Symplify\ParameterNameGuard\ParameterNameGuardBundle::class => ['dev' => true, 'test' => true],
Florianv\SwapBundle\FlorianvSwapBundle::class => ['all' => true],
Nelmio\SecurityBundle\NelmioSecurityBundle::class => ['all' => true],
];

31
config/packages/nelmio_security.yaml Normal file
View file

@ -0,0 +1,31 @@
nelmio_security:
# prevents framing of the entire site
clickjacking:
paths:
'^/.*': SAMEORIGIN
# disables content type sniffing for script resources
content_type:
nosniff: true
# prevents redirections outside the website's domain
external_redirects:
abort: true
log: true
# forces Microsoft's XSS-Protection with
# its block mode
xss_protection:
enabled: true
mode_block: true
# Send a full URL in the `Referer` header when performing a same-origin request,
# only send the origin of the document to secure destination (HTTPS->HTTPS),
# and send no header to a less secure destination (HTTPS->HTTP).
# If `strict-origin-when-cross-origin` is not supported, use `no-referrer` policy,
# no referrer information is sent along with requests.
referrer_policy:
enabled: true
policies:
- 'no-referrer'
- 'strict-origin-when-cross-origin'

18
symfony.lock
View file

@ -14,6 +14,9 @@
"brick/math": {
"version": "0.8.15"
},
"composer/ca-bundle": {
"version": "1.2.7"
},
"composer/semver": {
"version": "1.5.0"
},
@ -214,6 +217,18 @@
"monolog/monolog": {
"version": "1.24.0"
},
"nelmio/security-bundle": {
"version": "2.4",
"recipe": {
"repo": "github.com/symfony/recipes",
"branch": "master",
"version": "2.4",
"ref": "65726efb67ff51d89de38195bc0d230fa811f64d"
},
"files": [
"./config/packages/nelmio_security.yaml"
]
},
"netresearch/jsonmapper": {
"version": "v1.6.0"
},
@ -915,6 +930,9 @@
"twig/twig": {
"version": "v2.6.2"
},
"ua-parser/uap-php": {
"version": "v3.9.8"
},
"vimeo/psalm": {
"version": "3.5.1"
},