diff --git a/data/user.global.php.dist b/data/user.global.php.dist index 65d9a93..5dd7736 100644 --- a/data/user.global.php.dist +++ b/data/user.global.php.dist @@ -139,6 +139,7 @@ return [ 'date_pattern' => 'dd/MM/yyyy', ], 'security' => [ + // Request 'ip' => [ 'is_active' => true, 'whitelist' => [ @@ -178,12 +179,20 @@ return [ 'max_requests' => 100, 'rate_limit' => 60, // Time window in seconds ], - 'account' => [ - 'attempts' => 5, - 'ttl' => 3600, + // Response + 'header' => [ + 'is_active' => true, + ], + 'escape' => [ + 'is_active' => true, ], 'compress' => [ 'is_active' => true, ], + // Account + 'account' => [ + 'attempts' => 5, + 'ttl' => 3600, + ], ], ]; \ No newline at end of file diff --git a/src/Middleware/SecurityMiddleware.php b/src/Middleware/SecurityMiddleware.php index 4b38394..5370545 100644 --- a/src/Middleware/SecurityMiddleware.php +++ b/src/Middleware/SecurityMiddleware.php @@ -124,10 +124,17 @@ protected function securityRequestList(): array protected function securityResponseList(): array { - return [ - 'header' => new ResponseHeaders($this->config), - 'escape' => new ResponseEscape($this->config), - 'compress' => new ResponseCompress($this->config), - ]; + $list = []; + if (isset($this->config['header']['is_active']) && $this->config['header']['is_active']) { + $list['header'] = new ResponseHeaders($this->config); + } + if (isset($this->config['escape']['is_active']) && $this->config['escape']['is_active']) { + $list['escape'] = new ResponseEscape($this->config); + } + if (isset($this->config['compress']['is_active']) && $this->config['compress']['is_active']) { + $list['compress'] = new ResponseCompress($this->config); + } + + return $list; } } \ No newline at end of file