HttpsEnforcerMiddleware
in package
implements
MiddlewareInterface
Enforces use of HTTPS (SSL) for requests.
Table of Contents
Interfaces
- MiddlewareInterface
- Participant in processing a server request and response.
Properties
- $config : array<string, mixed>
- Configuration.
Methods
- __construct() : mixed
- Constructor
- process() : ResponseInterface
- Check whether request has been made using HTTPS.
- addHsts() : ResponseInterface
- Adds Strict-Transport-Security header to response.
Properties
$config
Configuration.
protected
array<string, mixed>
$config
= ['redirect' => true, 'statusCode' => 301, 'headers' => [], 'disableOnDebug' => true, 'hsts' => null]
Options
-
redirect- If set to true (default) redirects GET requests to same URL with https. -
statusCode- Status code to use in case of redirect, defaults to 301 - Permanent redirect. -
headers- Array of response headers in case of redirect. -
disableOnDebug- Whether HTTPS check should be disabled when debug is on. Defaulttrue. -
'hsts' - Strict-Transport-Security header for HTTPS response configuration. Defaults to
null. If enabled, an array of config options:- 'maxAge' - `max-age` directive value in seconds. - 'includeSubDomains' - Whether to include `includeSubDomains` directive. Defaults to `false`. - 'preload' - Whether to include 'preload' directive. Defauls to `false`.
Methods
__construct()
Constructor
public
__construct([array<string, mixed> $config = [] ]) : mixed
Parameters
- $config : array<string, mixed> = []
-
The options to use.
Tags
process()
Check whether request has been made using HTTPS.
public
process(ServerRequestInterface $request, RequestHandlerInterface $handler) : ResponseInterface
Depending on the configuration and request method, either redirects to same URL with https or throws an exception.
Parameters
- $request : ServerRequestInterface
-
The request.
- $handler : RequestHandlerInterface
-
The request handler.
Tags
Return values
ResponseInterface —A response.
addHsts()
Adds Strict-Transport-Security header to response.
protected
addHsts(ResponseInterface $response) : ResponseInterface
Parameters
- $response : ResponseInterface
-
Response