芝麻web文件管理V1.00
编辑当前文件:/home2/sdektunc/timucuy2124.gob.mx/plugins/system/httpheaders/httpheaders.xml
<?xml version="1.0" encoding="utf-8"?> <extension type="plugin" group="system" method="upgrade"> <name>plg_system_httpheaders</name> <author>Joomla! Project</author> <creationDate>October 2017</creationDate> <copyright>(C) 2018 Open Source Matters, Inc.</copyright> <license>GNU General Public License version 2 or later; see LICENSE.txt</license> <authorEmail>admin@joomla.org</authorEmail> <authorUrl>www.joomla.org</authorUrl> <version>4.0.0</version> <description>PLG_SYSTEM_HTTPHEADERS_XML_DESCRIPTION</description> <files> <folder>postinstall</folder> <filename plugin="httpheaders">httpheaders.php</filename> </files> <config> <fields name="params"> <fieldset name="basic"> <field name="xframeoptions" type="radio" label="PLG_SYSTEM_HTTPHEADERS_XFRAMEOPTIONS" layout="joomla.form.field.radio.switcher" default="1" filter="integer" validate="options" > <option value="0">JDISABLED</option> <option value="1">JENABLED</option> </field> <field name="referrerpolicy" type="list" label="PLG_SYSTEM_HTTPHEADERS_REFERRERPOLICY" default="strict-origin-when-cross-origin" validate="options" > <option value="disabled">JDISABLED</option> <option value="no-referrer">no-referrer</option> <option value="no-referrer-when-downgrade">no-referrer-when-downgrade</option> <option value="origin">origin</option> <option value="origin-when-cross-origin">origin-when-cross-origin</option> <option value="same-origin">same-origin</option> <option value="strict-origin">strict-origin</option> <option value="strict-origin-when-cross-origin">strict-origin-when-cross-origin</option> <option value="unsafe-url">unsafe-url</option> </field> <field name="coop" type="list" label="PLG_SYSTEM_HTTPHEADERS_COOP" default="same-origin" validate="options" > <option value="disabled">JDISABLED</option> <option value="same-origin">same-origin</option> <option value="same-origin-allow-popups">same-origin-allow-popups</option> <option value="unsafe-none">unsafe-none</option> </field> <field name="additional_httpheader" type="subform" label="PLG_SYSTEM_HTTPHEADERS_ADDITIONAL_HEADER" multiple="true" > <form> <field name="key" type="list" label="PLG_SYSTEM_HTTPHEADERS_ADDITIONAL_HEADER_KEY" validate="options" class="col-md-4" > <option value="content-security-policy">Content-Security-Policy</option> <option value="content-security-policy-report-only">Content-Security-Policy-Report-Only</option> <option value="cross-origin-opener-policy">Cross-Origin-Opener-Policy</option> <option value="expect-ct">Expect-CT</option> <option value="feature-policy">Feature-Policy</option> <option value="permissions-policy">Permissions-Policy</option> <option value="referrer-policy">Referrer-Policy</option> <option value="report-to">Report-To</option> <option value="strict-transport-security">Strict-Transport-Security</option> <option value="x-frame-options">X-Frame-Options</option> </field> <field name="value" type="text" label="PLG_SYSTEM_HTTPHEADERS_ADDITIONAL_HEADER_VALUE" class="col-md-10" /> <field name="client" type="radio" label="PLG_SYSTEM_HTTPHEADERS_HEADER_CLIENT" default="site" validate="options" class="col-md-12" > <option value="site">JSITE</option> <option value="administrator">JADMINISTRATOR</option> <option value="both">PLG_SYSTEM_HTTPHEADERS_HEADER_CLIENT_BOTH</option> </field> </form> </field> </fieldset> <fieldset name="hsts" label="Strict-Transport-Security (HSTS)"> <field name="hsts" type="radio" label="PLG_SYSTEM_HTTPHEADERS_HSTS" layout="joomla.form.field.radio.switcher" default="0" filter="integer" validate="options" > <option value="0">JDISABLED</option> <option value="1">JENABLED</option> </field> <field name="hsts_maxage" type="number" label="PLG_SYSTEM_HTTPHEADERS_HSTS_MAXAGE" description="PLG_SYSTEM_HTTPHEADERS_HSTS_MAXAGE_DESC" default="31536000" filter="integer" validate="number" min="300" showon="hsts:1" /> <field name="hsts_subdomains" type="radio" label="PLG_SYSTEM_HTTPHEADERS_HSTS_SUBDOMAINS" description="PLG_SYSTEM_HTTPHEADERS_HSTS_SUBDOMAINS_DESC" layout="joomla.form.field.radio.switcher" default="0" filter="integer" validate="options" showon="hsts:1" > <option value="0">JDISABLED</option> <option value="1">JENABLED</option> </field> <field name="hsts_preload" type="radio" label="PLG_SYSTEM_HTTPHEADERS_HSTS_PRELOAD" description="PLG_SYSTEM_HTTPHEADERS_HSTS_PRELOAD_NOTE_DESC" layout="joomla.form.field.radio.switcher" default="0" filter="integer" validate="options" showon="hsts:1" > <option value="0">JDISABLED</option> <option value="1">JENABLED</option> </field> </fieldset> <fieldset name="csp" label="Content-Security-Policy (CSP)"> <field name="contentsecuritypolicy" type="radio" label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY" layout="joomla.form.field.radio.switcher" default="0" > <option value="0">JDISABLED</option> <option value="1">JENABLED</option> </field> <field name="contentsecuritypolicy_client" type="list" label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_CLIENT" default="site" validate="options" showon="contentsecuritypolicy:1" > <option value="site">JSITE</option> <option value="administrator">JADMINISTRATOR</option> <option value="both">PLG_SYSTEM_HTTPHEADERS_HEADER_CLIENT_BOTH</option> </field> <field name="contentsecuritypolicy_report_only" type="radio" label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_REPORT_ONLY" description="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_REPORT_ONLY_DESC" layout="joomla.form.field.radio.switcher" default="1" showon="contentsecuritypolicy:1" > <option value="0">JDISABLED</option> <option value="1">JENABLED</option> </field> <field name="nonce_enabled" type="radio" label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_NONCE_ENABLED" description="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_NONCE_ENABLED_DESC" layout="joomla.form.field.radio.switcher" default="0" showon="contentsecuritypolicy:1" > <option value="0">JDISABLED</option> <option value="1">JENABLED</option> </field> <field name="script_hashes_enabled" type="radio" label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_SCRIPT_HASHES_ENABLED" description="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_SCRIPT_HASHES_ENABLED_DESC" layout="joomla.form.field.radio.switcher" default="0" showon="contentsecuritypolicy:1" > <option value="0">JDISABLED</option> <option value="1">JENABLED</option> </field> <field name="strict_dynamic_enabled" type="radio" label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_STRICT_DYNAMIC_ENABLED" description="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_STRICT_DYNAMIC_ENABLED_DESC" layout="joomla.form.field.radio.switcher" default="0" showon="contentsecuritypolicy:1" > <option value="0">JDISABLED</option> <option value="1">JENABLED</option> </field> <field name="style_hashes_enabled" type="radio" label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_STYLE_HASHES_ENABLED" description="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_STYLE_HASHES_ENABLED_DESC" layout="joomla.form.field.radio.switcher" default="0" showon="contentsecuritypolicy:1" > <option value="0">JDISABLED</option> <option value="1">JENABLED</option> </field> <field name="frame_ancestors_self_enabled" type="radio" label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_FRAME_ANCESTORS_SELF_ENABLED" description="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_FRAME_ANCESTORS_SELF_ENABLED_DESC" layout="joomla.form.field.radio.switcher" default="1" showon="contentsecuritypolicy:1" > <option value="0">JDISABLED</option> <option value="1">JENABLED</option> </field> <field name="contentsecuritypolicy_values" type="subform" label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_VALUES" multiple="true" showon="contentsecuritypolicy:1" > <form> <field name="directive" type="list" label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_VALUES_DIRECTIVE" class="col-md-4" validate="options" > <option value="child-src">child-src</option> <option value="connect-src">connect-src</option> <option value="default-src">default-src</option> <option value="font-src">font-src</option> <option value="frame-src">frame-src</option> <option value="img-src">img-src</option> <option value="manifest-src">manifest-src</option> <option value="media-src">media-src</option> <option value="prefetch-src">prefetch-src</option> <option value="object-src">object-src</option> <option value="script-src">script-src</option> <option value="script-src-elem">script-src-elem</option> <option value="script-src-attr">script-src-attr</option> <option value="style-src">style-src</option> <option value="style-src-elem">style-src-elem</option> <option value="style-src-attr">style-src-attr</option> <option value="worker-src">worker-src</option> <option value="base-uri">base-uri</option> <option value="plugin-types">plugin-types</option> <option value="sandbox">sandbox</option> <option value="form-action">form-action</option> <option value="frame-ancestors">frame-ancestors</option> <option value="navigate-to">navigate-to</option> <option value="report-uri">report-uri</option> <option value="report-to">report-to</option> <option value="block-all-mixed-content">block-all-mixed-content</option> <option value="upgrade-insecure-requests">upgrade-insecure-requests</option> <option value="require-sri-for">require-sri-for</option> </field> <field name="value" type="text" label="PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_VALUES_VALUE" class="col-md-10" showon="directive!:block-all-mixed-content[AND]directive!:upgrade-insecure-requests" /> <field name="client" type="radio" label="PLG_SYSTEM_HTTPHEADERS_HEADER_CLIENT" default="site" class="col-md-12" > <option value="site">JSITE</option> <option value="administrator">JADMINISTRATOR</option> <option value="both">PLG_SYSTEM_HTTPHEADERS_HEADER_CLIENT_BOTH</option> </field> </form> </field> </fieldset> </fields> </config> <languages> <language tag="en-GB">language/en-GB/plg_system_httpheaders.ini</language> <language tag="en-GB">language/en-GB/plg_system_httpheaders.sys.ini</language> </languages> </extension>