Time to promote some open source projects again!
paragonie/hpkp-builder [15 ★]
This library aims to make it easy to build HTTP Public-Key-Pinning headers in your PHP projects, and requires at least PHP 7.
HTTP Public Key Pinning, or HPKP, is a security policy delivered via a HTTP response header much like HSTS and CSP. It allows a host to provide information to a user agent about which cryptographic identities it should accept from the host in the future. This can protect a host website from a security compromise at a Certificate Authority where rogue certificates may be issued for your hostname.
Read more about HPKP here.
Rican7/incoming [137 ★]
Incoming is a PHP library designed to simplify and abstract the transformation of loose, complex input data into consistent, strongly-typed data structures.
// Create our incoming processor $incoming = new IncomingProcessor(); // Process our raw form/request input into a User model $user = $incoming->process( $_POST, // Our HTTP form-data array new User(), // Our model to hydrate new UserHydrator() // The hydrator above );
Explaining it to any great detail is outside the scope of this short post, but in essence it allows us to precisely define what kind of input information goes through and hydrates our model, rejecting, filtering, or transforming everything else.
It’s like Fractal, backwards. (Fractal makes sure the output matches a set structure, rather than input)
The library currently has one outstanding issue – and it’s a discussion around a feature – but could definitely use some users and feedback! Maybe even a SitePoint post about it?
Continue reading %Sourcehunt: PHP7-Only Alternative to Laravel, HPKP, and More%