CakePHP
  • Documentation
    • Book
    • API
    • Videos
    • Reporting Security Issues
    • Privacy Policy
    • Logos & Trademarks
  • Business Solutions
  • Swag
  • Road Trip
  • Team
  • Community
    • Community
    • Get Involved
    • Issues (Github)
    • Bakery
    • Featured Resources
    • Training
    • Meetups
    • My CakePHP
    • CakeFest
    • Newsletter
    • Linkedin
    • YouTube
    • Facebook
    • Twitter
    • Mastodon
    • Help & Support
    • Forum
    • Stack Overflow
    • IRC
    • Slack
    • Paid Support
CakePHP

C CakePHP 5.0 Chiffon API

  • Project:
    • CakePHP
      • CakePHP
      • Authentication
      • Authorization
      • Chronos
      • Elastic Search
      • Queue
  • Version:
    • 5.0
      • 5.2
      • 5.1
      • 5.0
      • 4.6
      • 4.5
      • 4.4
      • 4.3
      • 4.2
      • 4.1
      • 4.0
      • 3.10
      • 3.9
      • 3.8
      • 3.7
      • 3.6
      • 3.5
      • 3.4
      • 3.3
      • 3.2
      • 3.1
      • 3.0
      • 2.10
      • 2.9
      • 2.8
      • 2.7
      • 2.6
      • 2.5
      • 2.4
      • 2.3
      • 2.2
      • 2.1
      • 2.0
      • 1.3
      • 1.2

Namespaces

  • Global
  • Cake
    • Cache
    • Collection
    • Command
    • Console
    • Controller
    • Core
    • Database
    • Datasource
    • Error
    • Event
    • Form
    • Http
      • Client
      • Cookie
      • Exception
      • Middleware
      • Session
      • TestSuite
    • I18n
    • Log
    • Mailer
    • Network
    • ORM
    • Routing
    • TestSuite
    • Utility
    • Validation
    • View

Class HttpsEnforcerMiddleware

Enforces use of HTTPS (SSL) for requests.

Namespace: Cake\Http\Middleware

Property Summary

  • $config protected
    array<string, mixed>

    Configuration.

Method Summary

  • __construct() public

    Constructor

  • addHsts() protected

    Adds Strict-Transport-Security header to response.

  • process() public

    Check whether request has been made using HTTPS.

Method Detail

__construct() ¶ public 

__construct(array<string, mixed> $config = [])

Constructor

Parameters
array<string, mixed> $config optional

The options to use.

See Also
\Cake\Http\Middleware\HttpsEnforcerMiddleware::$config

addHsts() ¶ protected 

addHsts(Psr\Http\Message\ResponseInterface $response): Psr\Http\Message\ResponseInterface

Adds Strict-Transport-Security header to response.

Parameters
Psr\Http\Message\ResponseInterface $response

Response

Returns
Psr\Http\Message\ResponseInterface

process() ¶ public 

process(ServerRequestInterface $request, RequestHandlerInterface $handler): Psr\Http\Message\ResponseInterface

Check whether request has been made using HTTPS.

Depending on the configuration and request method, either redirects to same URL with https or throws an exception.

Parameters
ServerRequestInterface $request

The request.

RequestHandlerInterface $handler

The request handler.

Returns
Psr\Http\Message\ResponseInterface
Throws
Cake\Http\Exception\BadRequestException

Property Detail

$config ¶ protected

Configuration.

Options

  • redirect - If set to true (default) redirects GET requests to same URL with https.

  • statusCode - Status code to use in case of redirect, defaults to 301 - Permanent redirect.

  • headers - Array of response headers in case of redirect.

  • disableOnDebug - Whether HTTPS check should be disabled when debug is on. Default true.

  • trustedProxies - Array of trusted proxies that will be passed to the request. Defaults to null.

  • 'hsts' - Strict-Transport-Security header for HTTPS response configuration. Defaults to null. If enabled, an array of config options:

  • 'maxAge' - max-age directive value in seconds.

    • 'includeSubDomains' - Whether to include includeSubDomains directive. Defaults to false.
    • 'preload' - Whether to include 'preload' directive. Defauls to false.
Type
array<string, mixed>
OpenHub
Pingping
Linode
  • Business Solutions
  • Showcase
  • Documentation
  • Book
  • API
  • Videos
  • Reporting Security Issues
  • Privacy Policy
  • Logos & Trademarks
  • Community
  • Get Involved
  • Issues (Github)
  • Bakery
  • Featured Resources
  • Training
  • Meetups
  • My CakePHP
  • CakeFest
  • Newsletter
  • Linkedin
  • YouTube
  • Facebook
  • Twitter
  • Mastodon
  • Help & Support
  • Forum
  • Stack Overflow
  • IRC
  • Slack
  • Paid Support

Generated using CakePHP API Docs