add cross origin opener policy

zero-24 · Aug 26, 2020 · 426c75a · 426c75a
1 parent 20ecbc4
commit 426c75a
Show file tree

Hide file tree

Showing 7 changed files with 7 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -83,6 +83,7 @@ Using this you can set different values from the default ones and also force hea
 - Referrer-Policy
 - Expect-CT
 - Feature-Policy
+- Cross-Origin-Opener-Policy
 - Permissions-Policy
 
 Here you can also decide whether the header is applyed only to the frontend and or only the backed or both sites.

diff --git a/httpheader.php b/httpheader.php
@@ -54,6 +54,7 @@ class PlgSystemHttpHeader extends CMSPlugin
 		'referrer-policy',
 		'expect-ct',
 		'feature-policy',
+		'cross-origin-opener-policy',
 		'permissions-policy',
 	];
 

diff --git a/language/de-DE/de-DE.plg_system_httpheader.ini b/language/de-DE/de-DE.plg_system_httpheader.ini
@@ -5,7 +5,7 @@ COM_PLUGINS_CSP_FIELDSET_LABEL="Content-Security-Policy (CSP)"
 COM_PLUGINS_HSTS_FIELDSET_LABEL="Strict-Transport-Security (HSTS)"
 PLG_SYSTEM_HTTPHEADER="System - HttpHeader"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER="Statische HTTP Header definieren"
-PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Über diese Option können allen unterstützten HTTP Headern auch eigene Werte zugewiesen werden, die Werte hier überschreiben alle vorherigen Konfigurationen!. Die unterstützen HTTP Header sind: <br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li><li>Permission-Policy</li></ul>"
+PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Über diese Option können allen unterstützten HTTP Headern auch eigene Werte zugewiesen werden, die Werte hier überschreiben alle vorherigen Konfigurationen!. Die unterstützen HTTP Header sind: <br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li><li>Cross-Origin-Opener-Policy</li><li>Permission-Policy</li></ul>"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_KEY="HTTP Header"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_VALUE="HTTP Header Wert"
 PLG_SYSTEM_HTTPHEADER_CONTENTSECURITYPOLICY="<a href='https://scotthelme.co.uk/content-security-policy-an-introduction' target='_blank' rel='noopener noreferrer'>Content Security Policy (CSP)</a>"

diff --git a/language/en-GB/en-GB.plg_system_httpheader.ini b/language/en-GB/en-GB.plg_system_httpheader.ini
@@ -5,7 +5,7 @@ COM_PLUGINS_CSP_FIELDSET_LABEL="Content-Security-Policy (CSP)"
 COM_PLUGINS_HSTS_FIELDSET_LABEL="Strict-Transport-Security (HSTS)"
 PLG_SYSTEM_HTTPHEADER="System - HTTPHeaders"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER="Force HTTP Headers"
-PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Using this you can set different values from the default ones and also force headers. The supported headers are: <br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li><li>Permission-Policy</li></ul>"
+PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Using this you can set different values from the default ones and also force headers. The supported headers are: <br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li><li>Cross-Origin-Opener-Policy</li><li>Permission-Policy</li></ul>"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_KEY="HTTP Header"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_VALUE="HTTP Header Value"
 PLG_SYSTEM_HTTPHEADER_CONTENTSECURITYPOLICY="<a href='https://scotthelme.co.uk/content-security-policy-an-introduction' target='_blank' rel='noopener noreferrer'>Content Security Policy (CSP)</a>"

diff --git a/language/fr-FR/fr-FR.plg_system_httpheader.ini b/language/fr-FR/fr-FR.plg_system_httpheader.ini
@@ -7,7 +7,7 @@ COM_PLUGINS_HSTS_FIELDSET_LABEL="Strict Transport Security (HSTS)"
 COM_PLUGINS_CSP_FIELDSET_LABEL="Content Security Policy (CSP)"
 PLG_SYSTEM_HTTPHEADER="Système - En-têtes HTTP"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER="Forcer les en-têtes HTTP"
-PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Vous pouvez ainsi définir des valeurs différentes des valeurs par défaut et forcer les en-têtes. Les en-têtes supportés sont : <br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li><li>Permission-Policy</li></ul>"
+PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Vous pouvez ainsi définir des valeurs différentes des valeurs par défaut et forcer les en-têtes. Les en-têtes supportés sont : <br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li><li>Cross-Origin-Opener-Policy</li><li>Permission-Policy</li></ul>"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_KEY="En-tête HTTP"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_VALUE="Valeur de l'en-tête HTTP"
 PLG_SYSTEM_HTTPHEADER_CONTENTSECURITYPOLICY="<a href='https://scotthelme.co.uk/content-security-policy-an-introduction' target='_blank' rel='noopener noreferrer'>Politique de sécurité du contenu (CSP)</a>"

diff --git a/language/it-IT/it-IT.plg_system_httpheader.ini b/language/it-IT/it-IT.plg_system_httpheader.ini
@@ -6,7 +6,7 @@ COM_PLUGINS_HSTS_FIELDSET_LABEL="Strict-Transport-Security (HSTS)"
 COM_PLUGINS_CSP_FIELDSET_LABEL="Content-Security-Policy (CSP)"
 PLG_SYSTEM_HTTPHEADER="System - HTTPHeaders"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER="Forza Header HTTP"
-PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Utilizzando quest'opzione puoi impostare valori differenti da quelli predefiniti e forzare gli header. Gli header supportati sono: <br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li><li>Permission-Policy</li></ul>"
+PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Utilizzando quest'opzione puoi impostare valori differenti da quelli predefiniti e forzare gli header. Gli header supportati sono: <br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li><li>Cross-Origin-Opener-Policy</li><li>Permission-Policy</li></ul>"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_KEY="Header HTTP"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_VALUE="Valore Header HTTP"
 PLG_SYSTEM_HTTPHEADER_CONTENTSECURITYPOLICY="<a href='https://scotthelme.co.uk/content-security-policy-an-introduction' target='_blank' rel='noopener noreferrer'>Content Security Policy (CSP)</a>"

diff --git a/language/nl-NL/nl-NL.plg_system_httpheader.ini b/language/nl-NL/nl-NL.plg_system_httpheader.ini
@@ -6,7 +6,7 @@ COM_PLUGINS_HSTS_FIELDSET_LABEL="Strict-Transport-Security (HSTS)"
 COM_PLUGINS_CSP_FIELDSET_LABEL="Content-Security-Policy (CSP)"
 PLG_SYSTEM_HTTPHEADER="Systeem - HTTPHeaders"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER="HTTP Headers forceren"
-PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Hiermee kunt u andere waarden instellen dan de standaardwaarden en ook HTTP Headers forceren. De ondersteunde Headers zijn:<br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li><li>Permission-Policy</li></ul>"
+PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Hiermee kunt u andere waarden instellen dan de standaardwaarden en ook HTTP Headers forceren. De ondersteunde Headers zijn:<br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li><li>Cross-Origin-Opener-Policy</li><li>Permission-Policy</li></ul>"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_KEY="HTTP Header"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_VALUE="HTTP Header waarde"
 PLG_SYSTEM_HTTPHEADER_CONTENTSECURITYPOLICY="<a href='https://scotthelme.co.uk/content-security-policy-an-introduction' target='_blank' rel='noopener noreferrer'>Content Security Policy (CSP)</a>"