PHPackages kwaadpepper/laravel-omen - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [File & Storage](/categories/file-storage) 4. / 5. kwaadpepper/laravel-omen ActiveLibrary[File & Storage](/categories/file-storage) kwaadpepper/laravel-omen ======================== Yet another laravel filemanager 0.0.4(5y ago)422[1 issues](https://github.com/Kwaadpepper/Omen/issues)[6 PRs](https://github.com/Kwaadpepper/Omen/pulls)MITPHPPHP >=7.1 Since Jul 20Pushed 3y ago1 watchersCompare [ Source](https://github.com/Kwaadpepper/Omen)[ Packagist](https://packagist.org/packages/kwaadpepper/laravel-omen)[ Docs](https://omen.jeremydev.ovh/)[ RSS](/packages/kwaadpepper-laravel-omen/feed)WikiDiscussions master Synced 2d ago READMEChangelogDependencies (6)Versions (12)Used By (0) [![Omen project icon](https://user-images.githubusercontent.com/6019313/82305874-8ad0d800-99be-11ea-8655-6d3ab5deb43f.png)](https://user-images.githubusercontent.com/6019313/82305874-8ad0d800-99be-11ea-8655-6d3ab5deb43f.png) Omen file manager ================== [](#-omen-file-manager) --- [Project website](https://omen.jeremydev.ovh) [Project wiki](https://github.com/Kwaadpepper/Omen/wiki) [Contact at jeremydev.ovh](https://jeremydev.ovh/contact) ### **This is a Work in progress** [](#this-is-a-work-in-progress) [![Capture d’écran - 2020-06-09 à 08 51 18](https://user-images.githubusercontent.com/6019313/85106214-1e8b0380-b20c-11ea-927f-65e542a87b2b.png)](https://user-images.githubusercontent.com/6019313/85106214-1e8b0380-b20c-11ea-927f-65e542a87b2b.png) ### A To compile [](#a-to-compile) just run `yarn install` and then `yarn dev` or `yarn prod` ### B To install test within laravel [](#b-to-install-test-within-laravel) for now : 1. add this to a laravel project with composer, you can use this as a local project, in your composer.json : ``` "repositories": { "kwaadpepper/laravel-omen": { "type": "path", "url": "pathTo/laravel-omen-git-pull-from-github.git", "options": { "symlink": true } } }, ``` 2. then `composer require kwaadpepper/laravel-omen` 3. navigate to vendor/kwaadpepper/laravel-omen and `run yarn prod`, then access the url `/omenfilemanager` within your laravel project You can override `--tag=config, --tag=assets, --tag=views, --tag=lang` : ``` php artisan vendor:publish --provider="Kwaadpepper\Omen\Providers\OmenServiceProvider" --tag=assets ``` If you are using local storage and dont need to set files to private you can use this ``` sudo php artisan omen:link ``` **Notes** - About contributions Please report any vulnerabilities found or make a PR at your convenience. Everyone is welcome. If you wish, you can appear on a list of contributors visible on the about page. Your GitHub information visible on the commit will be used (name and email, or just the name) If you explicitly declared it in your PR. You must agree to publish with the MIT license because the project license is defined as is. Your contribution will be reviewed first before the merger. Please refer to the PR section. If you want to report something, just open an issue ticket. - About CSRF [https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site\_Request\_Forgery\_Prevention\_Cheat\_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html) Use is made of the Laravel built-in CSRF system token. In addition, an Ajax CSRF token is used for every request (even if only write operation should require it). - About CSP policies [https://cheatsheetseries.owasp.org/cheatsheets/Content\_Security\_Policy\_Cheat\_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html) This lib uses a CSP strategy on all its assets requirements (CSS, JS) using nonce. This is configurable through the config file ('omen.csp') - About X-Frame-Options X-Frame-Options is sent to the client to prevent click jacking (iframe embed) false => X-Frame-Options: deny true => X-Frame-Options: sameorigin - About X-Content-Type-Options Used againts mime sniffing to prevent cross site scripting. Thus, any file served will be treated with the type declared by the server This is always set to no sniff, and is not configurable - About Referrer-Policy No tracking is needed by Omen, and it dont want to be tracked also BTW. So Referrer-Policy is set to no-referrer. This is not configurable since there is no need to. - About Feature-Policy All enabled features are set to self, since Omen provides all the libs. No CDN is used for security purpose. Alose to enable the use on offlines networks. Only down side of this is Google Api to display docs wont be available. Only use is made of: - autoplay for video - fullscreen for multiple files type view - layout-animations for Omen interface to display - legacy-image-formats This policy controls the ability of the document to render images in legacy image formats. These are defined as any format other than JPEG, PNG, GIF, WEBP, or SVG. TODO Inspect Display possibilities on images formats - midi TODO can midi file be played ? - navigation-override [w3c/webappsec-permissions-policy#175](https://github.com/w3c/webappsec-permissions-policy/issues/175) - oversized-images - picture-in-picture for video play - sync-xhr For ajax queries accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; geolocation 'none'; gyroscope 'none'; layout-animations 'self'; legacy-image-formats 'self'; magnetometer 'none'; microphone 'none'; midi 'self'; navigation-override 'self'; oversized-images 'self; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; sync-xhr 'self'; usb 'none'; vr 'none'; wake-lock 'none' xr-spatial-tracking 'none'; - About max upload size Because upload is ajax handled yt has to be changed on `php.ini` or `.htaccess`, two values needs to be changed: 'upload\_max\_filesize' and 'post\_max\_size' You can put this in `public/.htaccess` ``` php_value post_max_size 2M php_value upload_max_filesize 2M ``` Because upload is ajax handled, it sends chunks of 2M size. Then if you want to set a limit just change maxUploadSize to something like `'3M'` or `3145728` - About file names File names are always lower cased on created, this is for Windows compatibility since windows file names are not case sensible which means windows will threat 'file.pdf' 'File.pdf' as the same file whereas on a Unix based it will not. - About unit tests Include unit tests using Orchestra, just run `phpunit` from project folder after `composer install` - About Tinymce To use with tinymce you will have to set useXFrameOptions to true, in order to allow the display omen in a iframe Here is an example, you must set `external_filemanager_path` with directive `@omenPath()` and register the omen plugin `external_plugins` with `{ "omen": "@tinymcePluginPath()" }` ``` tinymce.init({ selector: "#tinymce" , plugins: [ "advlist autolink link image lists charmap print preview hr anchor pagebreak" , "searchreplace wordcount visualblocks visualchars insertdatetime media nonbreaking" , "table directionality emoticons paste omen code" ] , toolbar1: "undo redo | bold italic underline | alignleft aligncenter alignright alignjustify | bullist numlist outdent indent | styleselect" , toolbar2: "| omen | link unlink anchor | image media | forecolor backcolor | print preview code " , image_advtab: true , external_filemanager_path: "@omenPath()" , external_plugins: { "omen": "@tinymcePluginPath()" } }); ``` - About CKEditor To use with CKEditor no need for iframe autorization. However you will have to set it as the default filemanager. You will have to set `filebrowserImageBrowseUrl` with this directive `@omenPath(type=image&editor=ckeditor)`and eventually `filebrowserBrowseUrl` with this directive @omenPath(editor=ckeditor) ``` CKEDITOR.editorConfig = function(config) { config.language = "en"; config.uiColor = "#F7B42C"; config.height = 300; config.toolbarCanCollapse = true; config.extraPlugins = "omen"; config.filebrowserImageBrowseUrl = "@omenPath(type=image&editor=ckeditor)"; config.filebrowserBrowseUrl = "@omenPath(editor=ckeditor)"; }; CKEDITOR.replace("ckeditor"); ``` Some thing good to know is that it is possible to restrict file types to be used with url directive: eg: add url GET parameter `type=image` to use image only or `type=archives` - About standalone button You can use a standalone button to call the file manager if you want to. First insert the plugin (requires `jquery`) in you html file ``` ... ... @omenButton() ... ``` Create an input on your page ``` Open file ``` Call the plugin on your button ``` $(document).ready(function() { $('#omenButton').omenButton('image'); }); ``` `omenButton` function accepts file, image, audio, video, archive in case you want to restrict file types You may want to look at `resources/js/plugins/omen.Button.jquery.plugin.min.js` if you want to call with js the file manager via popup --- **Whishlit** - cross domain support for tinymce and ckeditor ? - Video stream, with optionnal ffmepg => Mpeg-Dash or HLS ? - Resize image keep ratio function - global search file - change visibility - more global actions such as mass delete - use thumbnails for images - allow delete non empty dir, confirm delete non empty dirs - more front end unit test with Dusk - test functions with chromium - extensive test on mobile - make button reset filters Jérémy Munsch [gitub@jeremydev.ovh](github@jeremydev.ovh) ### Health Score 22 — LowBetter than 22% of packages Maintenance15 Infrequent updates — may be unmaintained Popularity11 Limited adoption so far Community9 Small or concentrated contributor base Maturity46 Maturing project, gaining track record Bus Factor1 Top contributor holds 87.7% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~3 days Total 4 Last Release 2113d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/7d6fe69e010efceae2bd9a92eb6463139fff339c94c545b6b7b1210a00d963e4?d=identicon)[Kwaadpepper](/maintainers/Kwaadpepper) --- Top Contributors [![Kwaadpepper](https://avatars.githubusercontent.com/u/6019313?v=4)](https://github.com/Kwaadpepper "Kwaadpepper (178 commits)")[![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)](https://github.com/dependabot[bot] "dependabot[bot] (25 commits)") --- Tags filemanagerfilemanager-laravellaravelomenstorageftplaravels3responsivefilemanager ### Embed Badge ![Health badge](/badges/kwaadpepper-laravel-omen/health.svg) ``` [![Health](https://phpackages.com/badges/kwaadpepper-laravel-omen/health.svg)](https://phpackages.com/packages/kwaadpepper-laravel-omen) ``` ### Alternatives [unisharp/laravel-filemanager A file upload/editor intended for use with Laravel 5 to 10 and CKEditor / TinyMCE 2.2k3.3M74](/packages/unisharp-laravel-filemanager)[itskodinger/midia Simple Media manager for your Laravel project 1415.8k](/packages/itskodinger-midia) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)