The most important HTTP Security Headers which should be used by all webmasters: Content-Security-Policy is an effective measure to protect your site from XSS attacks. By whitelisting sources of approved content, you can prevent the browser from loading malicious assets. Directives include upgrade-insecure-requests; , default-src, script-src, style-src, img-src, object-src, plugin-types to specify permitted sources for scripts, CSS stylesheets, and images. A basic […]
Below are some useful solutions (php functions) for HTTP Status Codes returned in the required page header by servers when loading a web page. global $http_status_code; $http_status_code = [ // ~~~ officially known https codes 100 => ‘Continue’, 101 => ‘Switching Protocols’, 102 => ‘Processing’, // WebDAV; RFC 2518 103 => ‘Early Hints’, // RFC 8297 […]
1st. step: Disable https/ssl verify & set some headers … $context = stream_context_create( [ ‘ssl’ => [ ‘verify_peer’ => false, ‘verify_peer_name’ => false, ], ‘http’=>array( ‘max_redirects’=>10, ‘ignore_errors’=>0, ‘method’=>”GET”, ‘header’=>”Accept-language: en\r\n” . “Cookie: \r\n” . “User-Agent: Mozilla/5.0 (Linux; Android 4.0.4; Galaxy Nexus Build/IMM76B) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.133 Mobile Safari/535.19\r\n” ) ]); default method is GET, […]