[ Index ] |
PHP Cross Reference of Joomla 4.2.2 documentation |
[Summary view] [Print] [Text view]
1 <?xml version="1.0" encoding="utf-8"?> 2 <extension type="plugin" group="system" method="upgrade"> 3 <name>plg_system_httpheaders</name> 4 <author>Joomla! Project</author> 5 <creationDate>2017-10</creationDate> 6 <copyright>(C) 2018 Open Source Matters, Inc.</copyright> 7 <license>GNU General Public License version 2 or later; see LICENSE.txt</license> 8 <authorEmail>[email protected]</authorEmail> 9 <authorUrl>www.joomla.org</authorUrl> 10 <version>4.0.0</version> 11 <description>PLG_SYSTEM_HTTPHEADERS_XML_DESCRIPTION</description> 12 <files> 13 <folder>postinstall</folder> 14 <filename plugin="httpheaders">httpheaders.php</filename> 15 </files> 16 <config> 17 <fields name="params"> 18 <fieldset name="basic"> 19 <field 20 name="xframeoptions" 21 type="radio" 22 label="PLG_SYSTEM_HTTPHEADERS_XFRAMEOPTIONS" 23 layout="joomla.form.field.radio.switcher" 24 default="1" 25 filter="integer" 26 validate="options" 27 > 28 <option value="0">JDISABLED</option> 29 <option value="1">JENABLED</option> 30 </field> 31 <field 32 name="referrerpolicy" 33 type="list" 34 label="PLG_SYSTEM_HTTPHEADERS_REFERRERPOLICY" 35 default="strict-origin-when-cross-origin" 36 validate="options" 37 > 38 <option value="disabled">JDISABLED</option> 39 <option value="no-referrer">no-referrer</option> 40 <option value="no-referrer-when-downgrade">no-referrer-when-downgrade</option> 41 <option value="origin">origin</option> 42 <option value="origin-when-cross-origin">origin-when-cross-origin</option> 43 <option value="same-origin">same-origin</option> 44 <option value="strict-origin">strict-origin</option> 45 <option value="strict-origin-when-cross-origin">strict-origin-when-cross-origin</option> 46 <option value="unsafe-url">unsafe-url</option> 47 </field> 48 <field 49 name="coop" 50 type="list" 51 label="PLG_SYSTEM_HTTPHEADERS_COOP" 52 default="same-origin" 53 validate="options" 54 > 55 <option value="disabled">JDISABLED</option> 56 <option value="same-origin">same-origin</option> 57 <option value="same-origin-allow-popups">same-origin-allow-popups</option> 58 <option value="unsafe-none">unsafe-none</option> 59 </field> 60 <field 61 name="additional_httpheader" 62 type="subform" 63 label="PLG_SYSTEM_HTTPHEADERS_ADDITIONAL_HEADER" 64 multiple="true" 65 > 66 <form> 67 <field 68 name="key" 69 type="list" 70 label="PLG_SYSTEM_HTTPHEADERS_ADDITIONAL_HEADER_KEY" 71 validate="options" 72 class="col-md-4" 73 > 74 <option value="content-security-policy">Content-Security-Policy</option> 75 <option value="content-security-policy-report-only">Content-Security-Policy-Report-Only</option> 76 <option value="cross-origin-opener-policy">Cross-Origin-Opener-Policy</option> 77 <option value="expect-ct">Expect-CT</option> 78 <option value="feature-policy">Feature-Policy</option> 79 <option value="permissions-policy">Permissions-Policy</option> 80 <option value="referrer-policy">Referrer-Policy</option> 81 <option value="report-to">Report-To</option> 82 <option value="strict-transport-security">Strict-Transport-Security</option> 83 <option value="x-frame-options">X-Frame-Options</option> 84 </field> 85 <field 86 name="value" 87 type="text" 88 label="PLG_SYSTEM_HTTPHEADERS_ADDITIONAL_HEADER_VALUE" 89 class="col-md-10" 90 /> 91 <field 92 name="client" 93 type="radio" 94 label="PLG_SYSTEM_HTTPHEADERS_HEADER_CLIENT" 95 default="site" 96 validate="options" 97 class="col-md-12" 98 > 99 <option value="site">JSITE</option> 100 <option value="administrator">JADMINISTRATOR</option> 101 <option value="both">PLG_SYSTEM_HTTPHEADERS_HEADER_CLIENT_BOTH</option> 102 </field> 103 </form> 104 </field> 105 </fieldset> 106 <fieldset name="hsts" label="Strict-Transport-Security (HSTS)"> 107 <field 108 name="hsts" 109 type="radio" 110 label="PLG_SYSTEM_HTTPHEADERS_HSTS" 111 layout="joomla.form.field.radio.switcher" 112 default="0" 113 filter="integer" 114 validate="options" 115 > 116 <option value="0">JDISABLED</option> 117 <option value="1">JENABLED</option> 118 </field> 119 <field 120 name="hsts_maxage" 121 type="number" 122 label="PLG_SYSTEM_HTTPHEADERS_HSTS_MAXAGE" 123 description="PLG_SYSTEM_HTTPHEADERS_HSTS_MAXAGE_DESC" 124 default="31536000" 125 filter="integer" 126 validate="number" 127 min="300" 128 showon="hsts:1" 129 /> 130 <field 131 name="hsts_subdomains" 132 type="radio" 133 label="PLG_SYSTEM_HTTPHEADERS_HSTS_SUBDOMAINS" 134 description="PLG_SYSTEM_HTTPHEADERS_HSTS_SUBDOMAINS_DESC" 135 layout="joomla.form.field.radio.switcher" 136 default="0" 137 filter="integer" 138 validate="options" 139 showon="hsts:1" 140 > 141 <option value="0">JDISABLED</option> 142 <option value="1">JENABLED</option> 143 </field> 144 <field 145 name="hsts_preload" 146 type="radio" 147 label="PLG_SYSTEM_HTTPHEADERS_HSTS_PRELOAD" 148 description="PLG_SYSTEM_HTTPHEADERS_HSTS_PRELOAD_NOTE_DESC" 149 layout="joomla.form.field.radio.switcher" 150 default="0" 151 filter="integer" 152 validate="options" 153 showon="hsts:1" 154 > 155 <option value="0">JDISABLED</option> 156 <option value="1">JENABLED</option> 157 </field> 158 </fieldset> 159 <fieldset name="csp" label="Content-Security-Policy (CSP)"> 160 <field 161 name="contentsecuritypolicy" 162 type="radio" 163 label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY" 164 layout="joomla.form.field.radio.switcher" 165 default="0" 166 > 167 <option value="0">JDISABLED</option> 168 <option value="1">JENABLED</option> 169 </field> 170 <field 171 name="contentsecuritypolicy_client" 172 type="list" 173 label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_CLIENT" 174 default="site" 175 validate="options" 176 showon="contentsecuritypolicy:1" 177 > 178 <option value="site">JSITE</option> 179 <option value="administrator">JADMINISTRATOR</option> 180 <option value="both">PLG_SYSTEM_HTTPHEADERS_HEADER_CLIENT_BOTH</option> 181 </field> 182 <field 183 name="contentsecuritypolicy_report_only" 184 type="radio" 185 label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_REPORT_ONLY" 186 description="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_REPORT_ONLY_DESC" 187 layout="joomla.form.field.radio.switcher" 188 default="1" 189 showon="contentsecuritypolicy:1" 190 > 191 <option value="0">JDISABLED</option> 192 <option value="1">JENABLED</option> 193 </field> 194 <field 195 name="nonce_enabled" 196 type="radio" 197 label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_NONCE_ENABLED" 198 description="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_NONCE_ENABLED_DESC" 199 layout="joomla.form.field.radio.switcher" 200 default="0" 201 showon="contentsecuritypolicy:1" 202 > 203 <option value="0">JDISABLED</option> 204 <option value="1">JENABLED</option> 205 </field> 206 <field 207 name="script_hashes_enabled" 208 type="radio" 209 label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_SCRIPT_HASHES_ENABLED" 210 description="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_SCRIPT_HASHES_ENABLED_DESC" 211 layout="joomla.form.field.radio.switcher" 212 default="0" 213 showon="contentsecuritypolicy:1" 214 > 215 <option value="0">JDISABLED</option> 216 <option value="1">JENABLED</option> 217 </field> 218 <field 219 name="strict_dynamic_enabled" 220 type="radio" 221 label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_STRICT_DYNAMIC_ENABLED" 222 description="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_STRICT_DYNAMIC_ENABLED_DESC" 223 layout="joomla.form.field.radio.switcher" 224 default="0" 225 showon="contentsecuritypolicy:1" 226 > 227 <option value="0">JDISABLED</option> 228 <option value="1">JENABLED</option> 229 </field> 230 <field 231 name="style_hashes_enabled" 232 type="radio" 233 label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_STYLE_HASHES_ENABLED" 234 description="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_STYLE_HASHES_ENABLED_DESC" 235 layout="joomla.form.field.radio.switcher" 236 default="0" 237 showon="contentsecuritypolicy:1" 238 > 239 <option value="0">JDISABLED</option> 240 <option value="1">JENABLED</option> 241 </field> 242 <field 243 name="frame_ancestors_self_enabled" 244 type="radio" 245 label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_FRAME_ANCESTORS_SELF_ENABLED" 246 description="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_FRAME_ANCESTORS_SELF_ENABLED_DESC" 247 layout="joomla.form.field.radio.switcher" 248 default="1" 249 showon="contentsecuritypolicy:1" 250 > 251 <option value="0">JDISABLED</option> 252 <option value="1">JENABLED</option> 253 </field> 254 <field 255 name="contentsecuritypolicy_values" 256 type="subform" 257 label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_VALUES" 258 multiple="true" 259 showon="contentsecuritypolicy:1" 260 > 261 <form> 262 <field 263 name="directive" 264 type="list" 265 label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_VALUES_DIRECTIVE" 266 class="col-md-4" 267 validate="options" 268 > 269 <option value="child-src">child-src</option> 270 <option value="connect-src">connect-src</option> 271 <option value="default-src">default-src</option> 272 <option value="font-src">font-src</option> 273 <option value="frame-src">frame-src</option> 274 <option value="img-src">img-src</option> 275 <option value="manifest-src">manifest-src</option> 276 <option value="media-src">media-src</option> 277 <option value="prefetch-src">prefetch-src</option> 278 <option value="object-src">object-src</option> 279 <option value="script-src">script-src</option> 280 <option value="script-src-elem">script-src-elem</option> 281 <option value="script-src-attr">script-src-attr</option> 282 <option value="style-src">style-src</option> 283 <option value="style-src-elem">style-src-elem</option> 284 <option value="style-src-attr">style-src-attr</option> 285 <option value="worker-src">worker-src</option> 286 <option value="base-uri">base-uri</option> 287 <option value="plugin-types">plugin-types</option> 288 <option value="sandbox">sandbox</option> 289 <option value="form-action">form-action</option> 290 <option value="frame-ancestors">frame-ancestors</option> 291 <option value="navigate-to">navigate-to</option> 292 <option value="report-uri">report-uri</option> 293 <option value="report-to">report-to</option> 294 <option value="block-all-mixed-content">block-all-mixed-content</option> 295 <option value="upgrade-insecure-requests">upgrade-insecure-requests</option> 296 <option value="require-sri-for">require-sri-for</option> 297 </field> 298 <field 299 name="value" 300 type="text" 301 label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_VALUES_VALUE" 302 class="col-md-10" 303 showon="directive!:block-all-mixed-content[AND]directive!:upgrade-insecure-requests" 304 /> 305 <field 306 name="client" 307 type="radio" 308 label="PLG_SYSTEM_HTTPHEADERS_HEADER_CLIENT" 309 default="site" 310 class="col-md-12" 311 > 312 <option value="site">JSITE</option> 313 <option value="administrator">JADMINISTRATOR</option> 314 <option value="both">PLG_SYSTEM_HTTPHEADERS_HEADER_CLIENT_BOTH</option> 315 </field> 316 </form> 317 </field> 318 </fieldset> 319 </fields> 320 </config> 321 <languages> 322 <language tag="en-GB">language/en-GB/plg_system_httpheaders.ini</language> 323 <language tag="en-GB">language/en-GB/plg_system_httpheaders.sys.ini</language> 324 </languages> 325 </extension>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated: Wed Sep 7 05:41:13 2022 | Chilli.vc Blog - For Webmaster,Blog-Writer,System Admin and Domainer |