apps/frontend/config/app.yml
ssl_filter:
enabled: true
secure:
profile:
actions: ~
feed:
actions: ~
bookmark:
actions: ~
alert:
actions: ~
sfGuardAuth:
actions: [signin]
sfGuardRegister:
actions: ~
sfGuardForgotPassword:
action: ~ |
lib/filter/sfSslFilter.class.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
| <?php
class sfSslFilter extends sfFilter {
public function execute($filterChain) {
if(sfConfig::get('app_ssl_filter_enabled', true) && $this->isFirstCall()) {
$request = $this->getContext()->getRequest();
if($request->isMethod('get') || $request->isMethod('head')) {
$context = $this->getContext();
$controller = $context->getController();
$stackEntry = $controller->getActionStack()->getLastEntry();
$module = $stackEntry->getModuleName();
$action = $stackEntry->getActionName();
$moduleSettings = sfConfig::get('app_ssl_filter_secure', false);
if(isset($moduleSettings[$module])) {
if(isset($moduleSettings[$module]['actions'])){
if(!$request->isSecure() && is_array($moduleSettings[$module]['actions']) && in_array($action, $moduleSettings[$module]['actions'])) {
return $this->redirectSecure($request);
}
} else if(!$request->isSecure()) {
return $this->redirectSecure($request);
}
}
}
}
$filterChain->execute();
}
protected function redirectSecure(sfWebRequest $request) {
$url = str_replace( 'http', 'https', $request->getUri());
return $this->getContext()->getController()->redirect($url, 0, 301);
}
} |
apps/frontend/config/filters.yml