@extends(BaseHelper::getAdminMasterLayoutTemplate()) @section('content') @if ($allSecure) @else @endif

{{ trans('core/setting::setting.security.current_settings') }}

@foreach ($settings as $key => $setting) @endforeach
{{ trans('core/setting::setting.security.status') }} {{ trans('core/setting::setting.security.setting') }} {{ trans('core/setting::setting.security.current_value') }} {{ trans('core/setting::setting.security.recommended_value') }}
@if ($setting['is_correct']) @else @endif
{{ $setting['label'] }}
{{ $setting['description'] }}
 @php $value = is_bool($setting['value']) ? ($setting['value'] ? 'true' : 'false') : $setting['value']; $badgeClass = $setting['is_correct'] ? 'badge-outline text-success' : 'badge-outline text-warning'; @endphp {{ $value }} @php $recommended = is_bool($setting['recommended']) ? ($setting['recommended'] ? 'true' : 'false') : $setting['recommended']; @endphp {{ $recommended }}
@if (! $isHttps)
{{ trans('core/setting::setting.security.https_warning_description') }}
@endif
@if (!$allSecure)

{{ trans('core/setting::setting.security.how_to_fix') }}

{{ trans('core/setting::setting.security.env_file_location') }}

{{ trans('core/setting::setting.security.add_to_env') }}

# {{ trans('core/setting::setting.security.required_settings') }}
SESSION_HTTP_ONLY=true
ENABLE_HTTP_SECURITY_HEADERS=true

# {{ trans('core/setting::setting.security.for_https_sites') }}
@if ($isHttps)
SESSION_SECURE_COOKIE=true
@else
SESSION_SECURE_COOKIE=false
@endif

{{ trans('core/setting::setting.security.steps') }}

1
{{ trans('core/setting::setting.security.step_1') }}
2
{{ trans('core/setting::setting.security.step_2') }}
3
{{ trans('core/setting::setting.security.step_3') }}
4
{{ trans('core/setting::setting.security.step_4') }}

{{ trans('core/setting::setting.security.security_headers_info') }}

{{ trans('core/setting::setting.security.security_headers_list') }}

X-Content-Type-Options: nosniff {{ trans('core/setting::setting.security.header_nosniff') }}
X-Frame-Options: SAMEORIGIN {{ trans('core/setting::setting.security.header_frame') }}
X-XSS-Protection: 1; mode=block {{ trans('core/setting::setting.security.header_xss') }}
Referrer-Policy: strict-origin-when-cross-origin {{ trans('core/setting::setting.security.header_referrer') }}

{!! BaseHelper::clean(trans('core/setting::setting.security.learn_more', [ 'documentation' => sprintf( '%s', trans('core/setting::setting.security.documentation') ) ])) !!}

@else

{{ trans('core/setting::setting.security.security_headers_info') }}

{{ trans('core/setting::setting.security.security_headers_list') }}

X-Content-Type-Options: nosniff {{ trans('core/setting::setting.security.header_nosniff') }}
X-Frame-Options: SAMEORIGIN {{ trans('core/setting::setting.security.header_frame') }}
X-XSS-Protection: 1; mode=block {{ trans('core/setting::setting.security.header_xss') }}
Referrer-Policy: strict-origin-when-cross-origin {{ trans('core/setting::setting.security.header_referrer') }}
@endif @stop