I am using SecurityHeadersMiddleware in cake 3.6.
and added these lines to middleware in application.php file.
$securityHeaders = new SecurityHeadersMiddleware(); $securityHeaders ->setCrossDomainPolicy() ->setReferrerPolicy() ->setXFrameOptions() ->setXssProtection(1) ->noOpen() ->noSniff(); $middlewareQueue->add($securityHeaders);
But still headers are not set in my application. Do i need to do something else ?
Need help as I need to resolve these security issues.