class CanonicalURLMiddleware implements HTTPMiddleware (View source)

Implements the following URL normalisation rules

  • redirect basic auth requests to HTTPS
  • force WWW, redirect to the subdomain "www."
  • force SSL, redirect to https

Traits

A class that can be instantiated or replaced via DI

Properties

protected bool $forceWWW

Set if we should redirect to WWW

protected bool $forceSSL

Set if we should force SSL

protected bool|null $forceBasicAuthToSSL

Set if we should automatically redirect basic auth requests to HTTPS. A null value (default) will cause this property to return the value of the forceSSL property.

protected int $redirectType

Redirect type

protected array|bool $enabledEnvs

Environment variables this middleware is enabled in, or a fixed boolean flag to apply to all environments. cli is disabled unless present here as cli, or set to true to force enabled.

protected array $forceSSLPatterns

If forceSSL is enabled, this is the list of patterns that the url must match (at least one)

protected string $forceSSLDomain

SSL Domain to use

Methods

public static 
create(mixed ...$args)

An implementation of the factory method, allows you to create an instance of a class

public static 
singleton(string $class = null)

Creates a class instance by the "singleton" design pattern.

public
array
getForceSSLPatterns()

No description

public
$this
setForceSSLPatterns(array $forceSSLPatterns)

No description

public
string
getForceSSLDomain()

No description

public
$this
setForceSSLDomain(string $forceSSLDomain)

No description

public
bool
getForceWWW()

No description

public
$this
setForceWWW(bool $forceWWW)

No description

public
bool
getForceSSL()

No description

public
$this
setForceSSL(bool $forceSSL)

No description

public
$this
setForceBasicAuthToSSL(bool|null $forceBasicAuth)

No description

public
bool
getForceBasicAuthToSSL()

No description

public
process(HTTPRequest $request, callable $delegate)

Generate response for the given request

protected
getRedirect(HTTPRequest $request)

Given request object determine if we should redirect.

public
throwRedirectIfNeeded(HTTPRequest $request = null)

Handles redirection to canonical urls outside of the main middleware chain using HTTPResponseException.

protected
getOrValidateRequest(HTTPRequest $request = null)

Return a valid request, if one is available, or null if none is available

protected
bool
requiresSSL(HTTPRequest $request)

Check if a redirect for SSL is necessary

public
int
getRedirectType()

No description

public
$this
setRedirectType(int $redirectType)

No description

public
array|bool
getEnabledEnvs()

Get enabled flag, or list of environments to enable in.

public
$this
setEnabledEnvs(array|bool $enabledEnvs)

Set enabled flag, or list of environments to enable in.

protected
isEnabled()

Ensure this middleware is enabled

protected
bool
hasBasicAuthPrompt(HTTPResponse $response = null)

Determine whether the executed middlewares have added a basic authentication prompt

protected
redirectToScheme(HTTPRequest $request, string $scheme, string $host = null)

Redirect the current URL to the specified HTTP scheme

Details

static Injectable create(mixed ...$args)

An implementation of the factory method, allows you to create an instance of a class

This method will defer class substitution to the Injector API, which can be customised via the Config API to declare substitution classes.

This can be called in one of two ways - either calling via the class directly, or calling on Object and passing the class name as the first parameter. The following are equivalent: $list = DataList::create(SiteTree::class); $list = SiteTree::get();

Parameters

mixed ...$args

Return Value

Injectable

static Injectable singleton(string $class = null)

Creates a class instance by the "singleton" design pattern.

It will always return the same instance for this class, which can be used for performance reasons and as a simple way to access instance methods which don't rely on instance data (e.g. the custom SilverStripe static handling).

Parameters

string $class

Optional classname to create, if the called class should not be used

Return Value

Injectable

The singleton instance

array getForceSSLPatterns()

No description

Return Value

array

$this setForceSSLPatterns(array $forceSSLPatterns)

No description

Parameters

array $forceSSLPatterns

Return Value

$this

string getForceSSLDomain()

No description

Return Value

string

$this setForceSSLDomain(string $forceSSLDomain)

No description

Parameters

string $forceSSLDomain

Return Value

$this

bool getForceWWW()

No description

Return Value

bool

$this setForceWWW(bool $forceWWW)

No description

Parameters

bool $forceWWW

Return Value

$this

bool getForceSSL()

No description

Return Value

bool

$this setForceSSL(bool $forceSSL)

No description

Parameters

bool $forceSSL

Return Value

$this

$this setForceBasicAuthToSSL(bool|null $forceBasicAuth)

No description

Parameters

bool|null $forceBasicAuth

Return Value

$this

bool getForceBasicAuthToSSL()

No description

Return Value

bool

HTTPResponse process(HTTPRequest $request, callable $delegate)

Generate response for the given request

Parameters

HTTPRequest $request
callable $delegate

Return Value

HTTPResponse

protected HTTPResponse|null getRedirect(HTTPRequest $request)

Given request object determine if we should redirect.

Parameters

HTTPRequest $request

Pre-validated request object

Return Value

HTTPResponse|null

If a redirect is needed return the response

throwRedirectIfNeeded(HTTPRequest $request = null)

Handles redirection to canonical urls outside of the main middleware chain using HTTPResponseException.

Will not do anything if a current HTTPRequest isn't available

Parameters

HTTPRequest $request

Allow HTTPRequest to be used for the base comparison

Exceptions

HTTPResponse_Exception

protected HTTPRequest|null getOrValidateRequest(HTTPRequest $request = null)

Return a valid request, if one is available, or null if none is available

Parameters

HTTPRequest $request

Return Value

HTTPRequest|null

protected bool requiresSSL(HTTPRequest $request)

Check if a redirect for SSL is necessary

Parameters

HTTPRequest $request

Return Value

bool

int getRedirectType()

No description

Return Value

int

$this setRedirectType(int $redirectType)

No description

Parameters

int $redirectType

Return Value

$this

array|bool getEnabledEnvs()

Get enabled flag, or list of environments to enable in.

Return Value

array|bool

$this setEnabledEnvs(array|bool $enabledEnvs)

Set enabled flag, or list of environments to enable in.

Note: CLI is disabled by default, so "cli"(string) or true(bool) should be specified if you wish to enable for testing.

Parameters

array|bool $enabledEnvs

Return Value

$this

protected isEnabled()

Ensure this middleware is enabled

protected bool hasBasicAuthPrompt(HTTPResponse $response = null)

Determine whether the executed middlewares have added a basic authentication prompt

Parameters

HTTPResponse $response

Return Value

bool

protected HTTPResponse redirectToScheme(HTTPRequest $request, string $scheme, string $host = null)

Redirect the current URL to the specified HTTP scheme

Parameters

HTTPRequest $request
string $scheme
string $host

Return Value

HTTPResponse