Macareux Security Header Extended
Add security headers to mitigat specific types of cyber attacks
This package is particularly useful for users of version 8.x seeking to address CVE-2021-22954 without modifying server configurations. It is compatible with versions below Concrete Version 9. It focuses on addressing a known issue where security headers are not applied when a full page is cached.
Features
- Supports the addition of crucial security headers including:
- Cross-Origin-Resource-Policy (CORP)
- Cross-Origin-Opener-Policy (COOP)
- Cross-Origin-Embedder-Policy (COEP)
- Access-Control-Allow-Origin
- Integrates with core-supported headers (no need for this add-on) such as:
- X-Frame-Options
- Strict-Transport-Security (HSTS) for version 9 and above
- Content Security Policy (CSP) for version 9 and above
- Addresses a known issue where security headers are not set when the full page is cached.
For more information and access to the official repository, visit GitHub.
Also Check Out
Pending Pages
An innovative tool designed to streamline the management of website content awaiting approval
add-on What I Do
This add-on enriches your website by allowing you to prominently display engaging information along with icons or images.
Author
Also Check Out
Pending Pages
An innovative tool designed to streamline the management of website content awaiting approval
add-on What I Do
This add-on enriches your website by allowing you to prominently display engaging information along with icons or images.