seckit.settings.yml in Security Kit 8
Same filename and directory in other branches
config/install/seckit.settings.yml
7 string references to 'seckit.settings'
- SecKitEventSubscriber::__construct in src/
EventSubscriber/ SecKitEventSubscriber.php - Constructs an SecKitEventSubscriber object.
- SecKitSettingsForm::buildForm in src/
Form/ SecKitSettingsForm.php - Form constructor.
- SecKitSettingsForm::getEditableConfigNames in src/
Form/ SecKitSettingsForm.php - Gets the configuration names that will be editable.
- SecKitSettingsForm::submitForm in src/
Form/ SecKitSettingsForm.php - Form submission handler.
- SecKitTestCaseTest::testJsCssNoscript in tests/
src/ Functional/ SecKitTestCaseTest.php - Tests JS + CSS + Noscript protection.
File
config/install/seckit.settings.ymlView source
- seckit_xss:
- csp:
- checkbox: FALSE
- vendor-prefix:
- x: FALSE
- webkit: FALSE
- report-only: FALSE
- default-src: ''
- script-src: ''
- object-src: ''
- img-src: ''
- media-src: ''
- frame-src: ''
- frame-ancestors: ''
- child-src: ''
- font-src: ''
- connect-src: ''
- report-uri: '/report-csp-violation'
- upgrade-req: FALSE
- policy-uri: ''
- x_xss:
- seckit_x_xss_option_disable: Disabled
- seckit_x_xss_option_0: '0'
- seckit_x_xss_option_1: '1;'
- seckit_x_xss_option_1_block: '1; mode=block'
- select: 0
- seckit_csrf:
- origin: FALSE
- origin_whitelist: ''
- seckit_clickjacking:
- js_css_noscript: FALSE
- noscript_message: 'Sorry, you need to enable JavaScript to visit this website.'
- x_frame: '1'
- x_frame_allow_from: ''
- seckit_ssl:
- hsts: FALSE
- hsts_subdomains: FALSE
- hsts_max_age: 1000
- hsts_preload: FALSE
- seckit_ct:
- expect_ct: FALSE
- max_age: 86400
- report_uri: ''
- enforce: FALSE
- seckit_fp:
- feature_policy: FALSE
- feature_policy_policy: ''
- seckit_various:
- from_origin: FALSE
- from_origin_destination: same
- referrer_policy: FALSE
- referrer_policy_policy: 'no-referrer-when-downgrade'
- disable_autocomplete: FALSE