Class HttpsEnforcerMiddleware

Enforces use of HTTPS (SSL) for requests.

Properties summary

  • $config protected
    array

    Configuration.

Method Summary

Method Detail

__construct() public

__construct(array $config)

Constructor

Parameters

array $config optional

The options to use.

See Also

\Cake\Http\Middleware\self::$config

process() public

process(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Server\RequestHandlerInterface $handler)

Check whether request has been made using HTTPS.

Depending on the configuration and request method, either redirects to same URL with https or throws an exception.

Parameters

\Psr\Http\Message\ServerRequestInterface $request

The request.

\Psr\Http\Server\RequestHandlerInterface $handler

The request handler.

Returns

\Psr\Http\Message\ResponseInterface

A response.

Throws

Cake\Http\Exception\BadRequestException

Property Detail

$config protected

Configuration.

Options

  • redirect - If set to true (default) redirects GET requests to same URL with https.
  • statusCode - Status code to use in case of redirect, defaults to 301 - Permanent redirect.
  • headers - Array of response headers in case of redirect.
  • disableOnDebug - Whether HTTPS check should be disabled when debug is on. Default true.

Type

array

© 2005–present The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
https://api.cakephp.org/4.1/class-Cake.Http.Middleware.HttpsEnforcerMiddleware.html