1. class
  2. SilverStripe
  3. \
  4. Control
  5. \
  6. Middleware
  7. \
  8. CanonicalURLMiddleware

CanonicalURLMiddleware

class CanonicalURLMiddleware implements HTTPMiddleware (View source)

Implements the following URL normalisation rules

  • redirect basic auth requests to HTTPS
  • force WWW, redirect to the subdomain "www."
  • force SSL, redirect to https

Traits

Injectable

A class that can be instantiated or replaced via DI

Properties

protected bool $forceWWW

Set if we should redirect to WWW
protected bool $forceSSL

Set if we should force SSL
protected bool|null $forceBasicAuthToSSL

Set if we should automatically redirect basic auth requests to HTTPS. A null value (default) will cause this property to return the value of the forceSSL property.
protected int $redirectType

Redirect type
protected array|bool $enabledEnvs

Environment variables this middleware is enabled in, or a fixed boolean flag to apply to all environments. cli is disabled unless present here as cli, or set to true to force enabled.
protected array $forceSSLPatterns

If forceSSL is enabled, this is the list of patterns that the url must match (at least one)
protected string $forceSSLDomain

SSL Domain to use

Methods

public static 
Injectable
create(mixed ...$args)

An implementation of the factory method, allows you to create an instance of a class

from  Injectable
public static 
Injectable
singleton(string $class = null)

Creates a class instance by the "singleton" design pattern.

from  Injectable
public
array
getForceSSLPatterns()

No description

public
$this
setForceSSLPatterns(array $forceSSLPatterns)

No description

public
string
getForceSSLDomain()

No description

public
$this
setForceSSLDomain(string $forceSSLDomain)

No description

public
bool
getForceWWW()

No description

public
$this
setForceWWW(bool $forceWWW)

No description

public
bool
getForceSSL()

No description

public
$this
setForceSSL(bool $forceSSL)

No description

public
$this
setForceBasicAuthToSSL(bool|null $forceBasicAuth)

No description

public
bool
getForceBasicAuthToSSL()

No description

public
HTTPResponse
process(HTTPRequest $request, callable $delegate)

Generate response for the given request

protected
HTTPResponse|null
getRedirect(HTTPRequest $request)

Given request object determine if we should redirect.

public
throwRedirectIfNeeded(HTTPRequest $request = null)

Handles redirection to canonical urls outside of the main middleware chain using HTTPResponseException.

protected
HTTPRequest|null
getOrValidateRequest(HTTPRequest $request = null)

Return a valid request, if one is available, or null if none is available

protected
bool
requiresSSL(HTTPRequest $request)

Check if a redirect for SSL is necessary

public
int
getRedirectType()

No description

public
$this
setRedirectType(int $redirectType)

No description

public
array|bool
getEnabledEnvs()

Get enabled flag, or list of environments to enable in.

public
$this
setEnabledEnvs(array|bool $enabledEnvs)

Set enabled flag, or list of environments to enable in.

protected
isEnabled()

Ensure this middleware is enabled

protected
bool
hasBasicAuthPrompt(HTTPResponse $response = null)

Determine whether the executed middlewares have added a basic authentication prompt

protected
HTTPResponse
redirectToScheme(HTTPRequest $request, string $scheme, string $host = null)

Redirect the current URL to the specified HTTP scheme

Details

in Injectable at line 26
static Injectable create(mixed ...$args)

An implementation of the factory method, allows you to create an instance of a class

This method will defer class substitution to the Injector API, which can be customised via the Config API to declare substitution classes.

This can be called in one of two ways - either calling via the class directly, or calling on Object and passing the class name as the first parameter. The following are equivalent: $list = DataList::create(SiteTree::class); $list = SiteTree::get();

Parameters

mixed ...$args

Return Value

Injectable

in Injectable at line 43
static Injectable singleton(string $class = null)

Creates a class instance by the "singleton" design pattern.

It will always return the same instance for this class, which can be used for performance reasons and as a simple way to access instance methods which don't rely on instance data (e.g. the custom SilverStripe static handling).

Parameters

string $class

Optional classname to create, if the called class should not be used

Return Value

Injectable

The singleton instance

at line 82
array getForceSSLPatterns()

No description

Return Value

array

at line 91
$this setForceSSLPatterns(array $forceSSLPatterns)

No description

Parameters

array $forceSSLPatterns

Return Value

$this

at line 100
string getForceSSLDomain()

No description

Return Value

string

at line 109
$this setForceSSLDomain(string $forceSSLDomain)

No description

Parameters

string $forceSSLDomain

Return Value

$this

at line 118
bool getForceWWW()

No description

Return Value

bool

at line 127
$this setForceWWW(bool $forceWWW)

No description

Parameters

bool $forceWWW

Return Value

$this

at line 136
bool getForceSSL()

No description

Return Value

bool

at line 145
$this setForceSSL(bool $forceSSL)

No description

Parameters

bool $forceSSL

Return Value

$this

at line 155
$this setForceBasicAuthToSSL(bool|null $forceBasicAuth)

No description

Parameters

bool|null $forceBasicAuth

Return Value

$this

at line 164
bool getForceBasicAuthToSSL()

No description

Return Value

bool

at line 181
HTTPResponse process(HTTPRequest $request, callable $delegate)

Generate response for the given request

Parameters

HTTPRequest $request
callable $delegate

Return Value

HTTPResponse

at line 207
protected HTTPResponse|null getRedirect(HTTPRequest $request)

Given request object determine if we should redirect.

Parameters

HTTPRequest $request

Pre-validated request object

Return Value

HTTPResponse|null

If a redirect is needed return the response

at line 247
throwRedirectIfNeeded(HTTPRequest $request = null)

Handles redirection to canonical urls outside of the main middleware chain using HTTPResponseException.

Will not do anything if a current HTTPRequest isn't available

Parameters

HTTPRequest $request

Allow HTTPRequest to be used for the base comparison

Exceptions

HTTPResponse_Exception

at line 265
protected HTTPRequest|null getOrValidateRequest(HTTPRequest $request = null)

Return a valid request, if one is available, or null if none is available

Parameters

HTTPRequest $request

Return Value

HTTPRequest|null

at line 282
protected bool requiresSSL(HTTPRequest $request)

Check if a redirect for SSL is necessary

Parameters

HTTPRequest $request

Return Value

bool

at line 315
int getRedirectType()

No description

Return Value

int

at line 324
$this setRedirectType(int $redirectType)

No description

Parameters

int $redirectType

Return Value

$this

at line 335
array|bool getEnabledEnvs()

Get enabled flag, or list of environments to enable in.

Return Value

array|bool

at line 348
$this setEnabledEnvs(array|bool $enabledEnvs)

Set enabled flag, or list of environments to enable in.

Note: CLI is disabled by default, so "cli"(string) or true(bool) should be specified if you wish to enable for testing.

Parameters

array|bool $enabledEnvs

Return Value

$this

at line 357
protected isEnabled()

Ensure this middleware is enabled

at line 385
protected bool hasBasicAuthPrompt(HTTPResponse $response = null)

Determine whether the executed middlewares have added a basic authentication prompt

Parameters

HTTPResponse $response

Return Value

bool

at line 401
protected HTTPResponse redirectToScheme(HTTPRequest $request, string $scheme, string $host = null)

Redirect the current URL to the specified HTTP scheme

Parameters

HTTPRequest $request
string $scheme
string $host

Return Value

HTTPResponse