isSecure() public static method

This method can read the client protocol from the "X-Forwarded-Proto" header when trusted proxies were set via "setTrustedProxies()". The "X-Forwarded-Proto" header must contain the protocol: "https" or "http". If your reverse proxy uses a different header name than "X-Forwarded-Proto" ("SSL_HTTPS" for instance), configure it via "setTrustedHeaderName()" with the "client-proto" key.
public static isSecure ( ) : boolean
return boolean
Beispiel #1
0
 /**
  * @param \Illuminate\Config\Repository $config
  */
 public function __construct(Config $config, Session $session)
 {
     $scheme = \Request::isSecure() ? 'https://' : 'http://';
     $this->u2f = new \u2flib_server\U2F($scheme . \Request::getHttpHost());
     $this->config = $config;
     $this->session = $session;
 }
Beispiel #2
0
 public function testIsSecureChecksScheme()
 {
     $request = new Request('GET', '/resource/123', 'http://example.com');
     $this->assertFalse($request->isSecure());
     $request = new Request('GET', '/resource/123', 'https://example.com');
     $this->assertTrue($request->isSecure());
 }
Beispiel #3
0
 /**
  * Initialize the class members values.
  * @return 	void
  */
 public static function init()
 {
     static::$ssl = Request::isSecure();
     static::$protocol = static::$ssl === true ? 'https' : 'http';
     static::$request_uri = $req = $_SERVER['REQUEST_URI'];
     static::$request_method = $_SERVER['REQUEST_METHOD'];
     if (strpos($req, '?') !== false) {
         list(static::$request_uri, static::$query_string) = explode('?', $req);
     }
 }
Beispiel #4
0
    /**
     * Initialise the captcha
     *
     * @param   string   $id  The id of the field.
     * @return  boolean  True on success, false otherwise
     * @since   2.5
     */
    public function onInit($id)
    {
        // Initialise variables
        $lang = $this->_getLanguage();
        $pubkey = $this->params->get('public_key', '');
        $theme = $this->params->get('theme', 'clean');
        if ($pubkey == null || $pubkey == '') {
            throw new Exception(Lang::txt('PLG_RECAPTCHA_ERROR_NO_PUBLIC_KEY'));
        }
        $server = self::RECAPTCHA_API_SERVER;
        if (Request::isSecure()) {
            $server = self::RECAPTCHA_API_SECURE_SERVER;
        }
        Html::asset('script', $server . '/js/recaptcha_ajax.js');
        Document::addScriptDeclaration('jQuery(document).ready(function($) {
			Recaptcha.create("' . $pubkey . '", "dynamic_recaptcha_1", {theme: "' . $theme . '",' . $lang . 'tabindex: 0});
		});');
        return true;
    }
Beispiel #5
0
 /**
  * Checks if we need to remove Cache-Control for SSL encrypted downloads when using IE < 9.
  *
  * @link http://support.microsoft.com/kb/323308
  */
 protected function ensureIEOverSSLCompatibility(Request $request)
 {
     if (false !== stripos($this->headers->get('Content-Disposition'), 'attachment') && preg_match('/MSIE (.*?);/i', $request->server->get('HTTP_USER_AGENT'), $match) == 1 && true === $request->isSecure()) {
         if (intval(preg_replace("/(MSIE )(.*?);/", "\$2", $match[0])) < 9) {
             $this->headers->remove('Cache-Control');
         }
     }
 }
Beispiel #6
0
 /**
  * @todo Implement testIsSSL().
  */
 public function testIsSSL()
 {
     $this->assertEquals(false, $this->request->isSecure());
 }
    /**
     * Prepares the Response before it is sent to the client.
     *
     * This method tweaks the Response to ensure that it is
     * compliant with RFC 2616. Most of the changes are based on
     * the Request that is "associated" with this Response.
     *
     * @param Request $request A Request instance
     *
     * @return Response The current response.
     */
    public function prepare(Request $request)
    {
        $headers = $this->headers;

        if ($this->isInformational() || in_array($this->statusCode, array(204, 304))) {
            $this->setContent(null);
        }

        // Content-type based on the Request
        if (!$headers->has('Content-Type')) {
            $format = $request->getRequestFormat();
            if (null !== $format && $mimeType = $request->getMimeType($format)) {
                $headers->set('Content-Type', $mimeType);
            }
        }

        // Fix Content-Type
        $charset = $this->charset ?: 'UTF-8';
        if (!$headers->has('Content-Type')) {
            $headers->set('Content-Type', 'text/html; charset='.$charset);
        } elseif (0 === strpos($headers->get('Content-Type'), 'text/') && false === strpos($headers->get('Content-Type'), 'charset')) {
            // add the charset
            $headers->set('Content-Type', $headers->get('Content-Type').'; charset='.$charset);
        }

        // Fix Content-Length
        if ($headers->has('Transfer-Encoding')) {
            $headers->remove('Content-Length');
        }

        if ($request->isMethod('HEAD')) {
            // cf. RFC2616 14.13
            $length = $headers->get('Content-Length');
            $this->setContent(null);
            if ($length) {
                $headers->set('Content-Length', $length);
            }
        }

        // Fix protocol
        if ('HTTP/1.0' != $request->server->get('SERVER_PROTOCOL')) {
            $this->setProtocolVersion('1.1');
        }

        // Check if we need to send extra expire info headers
        if ('1.0' == $this->getProtocolVersion() && 'no-cache' == $this->headers->get('Cache-Control')) {
            $this->headers->set('pragma', 'no-cache');
            $this->headers->set('expires', -1);
        }

        /**
         * Check if we need to remove Cache-Control for ssl encrypted downloads when using IE < 9
         * @link http://support.microsoft.com/kb/323308
         */
        if (false !== stripos($this->headers->get('Content-Disposition'), 'attachment') && preg_match('/MSIE (.*?);/i', $request->server->get('HTTP_USER_AGENT'), $match) == 1 && true === $request->isSecure()) {
            if(intval(preg_replace("/(MSIE )(.*?);/", "$2", $match[0])) < 9) {
                $this->headers->remove('Cache-Control');
            }
        }

        return $this;
    }
Beispiel #8
0
<?php

/*
|--------------------------------------------------------------------------
| Application & Route Filters
|--------------------------------------------------------------------------
|
| Below you will find the "before" and "after" events for the application
| which may be used to do any work before or after a request into your
| application. Here you may also register your custom route filters.
|
*/
App::before(function ($request) {
    //if (!preg_match("#admincp#", Request::path()) and Request::path() != "logout" ) return Redirect::to("admincp");
    if (Config::get('enable-https', 0) and !\Request::isSecure()) {
        return Redirect::secure(Request::path());
    }
    if (Auth::check()) {
        //use here to update online status of this user
        Auth::user()->updateOnline();
    }
});
App::after(function ($request, $response) {
    //
});
/*
|--------------------------------------------------------------------------
| Authentication Filters
|--------------------------------------------------------------------------
|
| The following filters are used to verify that the user of the current
 public function testIsSecure()
 {
     $this->assertThat($this->object->isSecure(), $this->equalTo(false));
 }
 public function defaultAction()
 {
     if (!Request::isSecure() && Config::get()->forceAdminHttps) {
         Helpers::redirect(Helpers::getCompleteUrl(Config::get()->baseUrl . 'admin/html-output/login', 'https://'));
     }
 }
Beispiel #11
0
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 *
 * HUBzero is a registered trademark of Purdue University.
 *
 * @package   hubzero-cms
 * @author    Shawn Rice <*****@*****.**>
 * @copyright Copyright 2005-2015 HUBzero Foundation, LLC.
 * @license   http://opensource.org/licenses/MIT MIT
 */
// No direct access
defined('_HZEXEC_') or die;
$base = Request::base();
if (Request::isSecure()) {
    $base = str_replace('http://', 'https://', $base);
}
$controller = Request::getCmd('controller', Request::getCmd('view', ''));
$this->css();
?>

<div class="captcha-block">
	<div class="grid">
		<div class="col span8">
			<label for="imgCatchaTxt<?php 
echo $this->total;
?>
">
				<?php 
echo Lang::txt('PLG_CAPTCHA_IMAGE_ENTER_CAPTCHA_VALUE');