This Joomla Plugin helps to protect your sites by using Fetch Metadata Request Headers (w3c-spec)
This Joomla Plugin helps to protect your sites by using Fetch Metadata Request Headers
The implemened rules are:
- Step 1: Allow requests from browsers which don't send Fetch Metadata
- Step 2: Allow same-site and browser-initiated requests
- Step 3: Allow simple top-level navigation and iframing
- Step 4: Opt out endpoints that are meant to serve cross-site traffic (Optional)
- Step 5: Reject all other requests that are cross-site and not navigational
- Download the latest version of the plugin
- Install the plugin using
Upload & Install - Enable the plugin
System - FetchMetadataform the plugin manager
Now the inital setup is completed.
Please note that my update server only supports the latest version running the latest version of Joomla and atleast PHP 7.2.5. Any other plugin version I may have added to the download section don't get updates using the update server.
You have found an Issue, have a question or you would like to suggest changes regarding this extension? Open an issue in this repo or submit a pull request with the proposed changes.
You want to translate this extension to your own language? Check out my Crowdin Page for my Extensions for more details. Feel free to open an issue here on any question that comes up.
This plugin is intended as backport for an upcomming PR against the core CMS 4.1.
This plugin can also been found in the Joomla! Extensions Directory: FetchMetadata by zero24
build/build.shgit commit -am 'prepare release FetchMetadata 1.0.x'git tag -s '1.0.x' -m 'FetchMetadata 1.0.x'git push origin --tags- create the release on GitHub
git push origin master
crowdin upload sources
crowdin download --skip-untranslated-files --ignore-match