 /**
  * Attach Content-Security-Policy headers to the current response.
  *
  * The policy is loaded from config/csp.json. The `upgrade-insecure-requests`
  * directive is switched on only when the current request itself arrived
  * over HTTPS. Binary file responses are skipped entirely.
  *
  * NOTE(review): `secure()` reflects an upstream X-Forwarded-Proto only when
  * that proxy is trusted — if TLS terminates at a load balancer, verify the
  * trusted-proxy configuration or this directive is never emitted.
  *
  * @return void
  *
  * @throws \Exception
  */
 protected function buildCsp()
 {
     $response = $this->response;
     // Binary file responses get no CSP headers.
     if ($response instanceof BinaryFileResponse) {
         return;
     }
     $policyFile = config_path('csp.json');
     $builder = CSPBuilder::fromFile($policyFile);
     $overTls = $this->request->secure();
     $builder->addDirective('upgrade-insecure-requests', $overTls);
     $headers = $builder->getHeaderArray(false);
     $response->withHeaders($headers);
 }
 /**
  * Check whether the request's scheme satisfies the route's scheme constraint.
  *
  * A route flagged `httpOnly()` matches only plain-HTTP requests; a route
  * flagged `secure()` matches only HTTPS requests; a route with neither
  * constraint matches any scheme.
  *
  * @param  \Illuminate\Routing\Route  $route
  * @param  \Illuminate\Http\Request  $request
  * @return bool
  */
 public function matches(Route $route, Request $request)
 {
     if ($route->httpOnly()) {
         // HTTP-only routes reject requests that arrived over TLS.
         return ! $request->secure();
     }
     if ($route->secure()) {
         return $request->secure();
     }
     // No scheme constraint on this route.
     return true;
 }
 /**
  * Force HTTPS in production by redirecting plain-HTTP requests.
  *
  * Outside the `production` environment the request passes through
  * untouched, so local/dev setups without TLS keep working.
  *
  * NOTE(review): `secure()` only sees an upstream TLS terminator's
  * X-Forwarded-Proto when that proxy is trusted; otherwise every request
  * looks insecure and this middleware redirects in a loop. Confirm the
  * trusted-proxy configuration for the production deployment.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return \Illuminate\Http\RedirectResponse|mixed  A redirect to the HTTPS
  *         counterpart of the requested URI, or the downstream response.
  */
 public function handle($request, Closure $next)
 {
     $overTls = $request->secure();
     $inProduction = app()->environment('production');
     if (! $overTls && $inProduction) {
         // Path and query string are kept; only the scheme changes.
         return redirect()->secure($request->getRequestUri());
     }
     return $next($request);
 }
 /**
  * Redirect plain-HTTP requests to HTTPS when APP_ENV is exactly "prod".
  *
  * NOTE(review): the environment is read with `env()` on every request
  * instead of `app()->environment()`; once the configuration is cached,
  * `env()` typically returns null, which would silently disable this
  * redirect — worth confirming against this deployment.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($request->secure()) {
         return $next($request);
     }
     $isProd = env('APP_ENV') === 'prod';
     if ($isProd) {
         return redirect()->secure($request->getRequestUri());
     }
     return $next($request);
 }
 /**
  * Reject plain-HTTP requests with a 404 instead of redirecting them.
  *
  * Only requests that arrived over HTTPS continue down the pipeline;
  * `abort(404)` throws, so nothing after it runs for insecure requests.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($request->secure()) {
         return $next($request);
     }
     // Not served over TLS: answer 404 rather than upgrading the scheme.
     abort(404);
 }
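 /**
  * Redirect plain-HTTP requests to HTTPS (301), except the podcast RSS feed.
  *
  * The RSS exemption is matched against the request path only. Previously
  * it was matched against the full request URI (path + query string), so
  * the query string alone could satisfy the exemption and skip the redirect.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($request->secure()) {
         return $next($request);
     }
     // Exempt the feed by path; the query string must not influence this.
     $isRssFeed = str_contains($request->getPathInfo(), '/podcasts/rss');
     if ($isRssFeed) {
         return $next($request);
     }
     // Permanent redirect so clients remember the HTTPS location.
     return redirect()->secure($request->getRequestUri(), 301);
 }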
 /**
  * Upgrade every plain-HTTP request to HTTPS with a redirect; requests
  * already on HTTPS continue down the pipeline.
  *
  * NOTE(review): unconditional — there is no environment switch, so local
  * non-TLS setups redirect too; and behind a TLS-terminating proxy
  * `secure()` needs that proxy to be trusted or this loops.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($request->secure()) {
         return $next($request);
     }
     $target = $request->getRequestUri();
     return redirect()->secure($target);
 }
 /**
  * Build the absolute root URL for this route: scheme, domain and prefix.
  *
  * The scheme mirrors the current request (https when `secure()`, else
  * http); the host comes from `domain(true)` and the path from
  * `prefix(true)`. Leading and trailing slashes are stripped from the result.
  *
  * @return string
  */
 public function root()
 {
     $scheme = $this->request->secure() ? 'https' : 'http';
     $host = trim($this->domain(true), '/');
     $path = $this->prefix(true);
     $url = "{$scheme}://{$host}/{$path}";
     return trim($url, '/');
 }
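 /**
  * Redirect plain-HTTP requests to their HTTPS counterpart.
  *
  * Uses the full request URI so the query string survives the redirect.
  * The previous `$request->path()` form returned only the slash-trimmed
  * path, so `?a=b` style parameters were dropped and clients landed on the
  * wrong resource.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (! $request->secure()) {
         return Redirect::secure($request->getRequestUri());
     }
     return $next($request);
 }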
 /**
  * Redirect plain-HTTP requests to HTTPS when APP_HTTPS is enabled and
  * APP_DEBUG is off.
  *
  * NOTE(review): both flags are read with `env()` on every request; under a
  * cached configuration `env()` typically returns null, which would
  * silently disable the redirect. Reading them through `config()` avoids
  * that — confirm against this deployment.
  *
  * @param \Illuminate\Http\Request $request
  * @param Closure                  $next
  *
  * @return \Illuminate\Http\RedirectResponse|mixed  The HTTPS redirect, or
  *         the downstream response when no redirect is needed.
  */
 public function handle($request, Closure $next)
 {
     $httpsEnforced = env('APP_HTTPS') && ! env('APP_DEBUG');
     if ($httpsEnforced && ! $request->secure()) {
         return redirect()->secure($request->getRequestUri());
     }
     return $next($request);
 }
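 /**
  * Redirect plain-HTTP requests to HTTPS.
  *
  * The condition was previously `$request->secure()`, which redirected
  * requests that were already on HTTPS to the same HTTPS URL (an endless
  * redirect loop) and let plain-HTTP requests straight through — the
  * opposite of what the commented-out line intended. The redirect now
  * fires only when the request is NOT secure. The commented-out
  * `$_SERVER['HTTP_HOST']` variant has been removed as dead code.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (! $request->secure()) {
         return redirect()->secure($request->getRequestUri());
     }
     return $next($request);
 }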
 /**
  * Mark the connecting peer as a trusted proxy, then redirect plain-HTTP
  * requests to HTTPS.
  *
  * NOTE(review): this trusts whichever peer opened the TCP connection as a
  * proxy. Before any proxies are trusted, `getClientIp()` is normally the
  * raw REMOTE_ADDR, so if the app is reachable without a proxy in front
  * every client becomes a "trusted proxy" and its own X-Forwarded-For /
  * -Proto / -Host headers are honoured: the reported client IP, the scheme
  * checked below and (very likely) the host the redirect is built from all
  * become caller-controlled. A fixed list of proxy addresses/CIDRs from
  * configuration is the safe form — confirm how this app is deployed.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $peer = $request->getClientIp();
     $request->setTrustedProxies([$peer]);
     // Must run after setTrustedProxies(): secure() consults forwarded headers.
     $overTls = $request->secure();
     if ($overTls) {
         return $next($request);
     }
     return redirect()->secure($request->getRequestUri());
 }
 /**
  * Redirect plain-HTTP requests to HTTPS when APP_ENV is "production".
  *
  * NOTE(review): `setTrustedProxies()` runs only after `secure()` has
  * already been evaluated, so it cannot influence this request's scheme
  * detection — if it was meant to make an upstream X-Forwarded-Proto count,
  * it is in the wrong place. It also trusts the connecting peer
  * (`getClientIp()`) as a proxy: if the app is reachable without a proxy in
  * front, a client's own X-Forwarded-* headers are honoured, including the
  * host the redirect is likely built from. Prefer a fixed proxy list from
  * configuration. Reading `env()` per request also tends to return null
  * under a cached config, disabling the redirect silently.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($request->secure() || env('APP_ENV') !== 'production') {
         return $next($request);
     }
     $request->setTrustedProxies([$request->getClientIp()]);
     return redirect()->secure($request->getRequestUri());
 }
 /**
  * Force HTTPS: return a redirect to the https:// counterpart of the
  * current URI, or null when the request is already secure.
  *
  * @return null|RedirectResponse Redirect to the https:// scheme if the
  *         current request is insecure, otherwise null
  */
 public function forceSSL()
 {
     // Already on HTTPS: nothing to do.
     if ($this->request->secure()) {
         return null;
     }
     $target = $this->request->getRequestUri();
     return $this->redirect->secure($target);
 }
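 /**
  * Redirect plain-HTTP requests to HTTPS outside the local environment.
  *
  * The redirect target is now the full request URI. The previous
  * `$request->path()` form returned only the slash-trimmed path, so the
  * query string was dropped on every redirect and clients landed on the
  * wrong resource.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     // Local development usually runs without TLS, so skip the redirect there.
     if (app()->isLocal()) {
         return $next($request);
     }
     if (! $request->secure()) {
         // Redirect to the matching secure URL, query string included.
         return redirect()->secure($request->getRequestUri());
     }
     return $next($request);
 }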
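 /**
  * Redirect plain-HTTP requests to HTTPS outside the local environment.
  *
  * The previous condition fired for requests that were already secure and
  * sent them to `redirect($request->getRequestUri())` — the very same URL —
  * which loops forever on HTTPS while never upgrading plain HTTP. This
  * version follows the commented-out intent: only insecure, non-local
  * requests are redirected, to the HTTPS counterpart of the same URI. The
  * leftover `dd()` and hard-coded-domain lines were removed as dead code.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     // Local development usually runs without TLS.
     if (App::environment('local')) {
         return $next($request);
     }
     if (! $request->secure()) {
         return redirect()->secure($request->getRequestUri());
     }
     return $next($request);
 }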
 /**
  * Gate the auto-deploy webhook route.
  *
  * Requests for any other path pass straight through. For the configured
  * deploy route the request must (a) arrive over HTTPS when
  * `auto-deploy.require-ssl` is set, (b) come from a determinable origin,
  * and (c) that origin must verify as authentic; each failure aborts with
  * 403. On success the origin object is attached to the request for the
  * controller.
  *
  * NOTE(review): `path()` has no leading slash, so `auto-deploy.route` is
  * presumably stored without one — verify the config value.
  *
  * @param Illuminate\Http\Request $request The request
  * @param Closure                 $next    Mechanism for passing the result down the pipeline to the next piece of middleware
  *
  * @return Illuminate\Http\Response A Response object that is passed to the next piece of middleware
  */
 public function handle($request, Closure $next)
 {
     // Not the deploy route: nothing to check.
     if ($request->path() !== config('auto-deploy.route')) {
         return $next($request);
     }
     if (config('auto-deploy.require-ssl') && ! $request->secure()) {
         abort(403, 'Forbidden. Webhook requests must be sent using SSL.');
     }
     $origin = $this->determineOrigin();
     if (null === $origin) {
         abort(403, 'Forbidden. Could not determine the origin of the request.');
     }
     if (! $origin->isAuthentic()) {
         abort(403, 'Forbidden. Could not verify the origin of the request.');
     }
     // Expose the verified origin to the controller.
     $request->offsetSet('origin', $origin);
     return $next($request);
 }
 /**
  * Facade passthrough: report whether the current request is over HTTPS.
  *
  * Appears to be a generated facade stub; the call resolves to the bound
  * request instance's `secure()`.
  *
  * @return bool 
  * @static 
  */
 public static function secure()
 {
     $overTls = \Illuminate\Http\Request::secure();
     return $overTls;
 }
 /**
  * Shows all projects.
  *
  * Renders the admin project listing with every project (serialised to
  * JSON for the view) plus the templates and groups the page needs.
  * `is_secure` tells the view whether the page was requested over HTTPS.
  *
  * @param TemplateRepositoryInterface $templateRepository
  * @param GroupRepositoryInterface $groupRepository
  * @param Request $request
  *
  * @return \Illuminate\View\View
  */
 public function index(TemplateRepositoryInterface $templateRepository, GroupRepositoryInterface $groupRepository, Request $request)
 {
     $projects = $this->repository->getAll();
     $viewData = [
         'is_secure' => $request->secure(),
         'title'     => Lang::get('projects.manage'),
         'templates' => $templateRepository->getAll(),
         'groups'    => $groupRepository->getAll(),
         'projects'  => $projects->toJson(),
     ];
     return view('admin.projects.listing', $viewData);
 }
 /**
  * Global request middleware: trusted proxies, HTTPS enforcement, version
  * bookkeeping, news-feed polling, locale switching, licence claiming and
  * reference-table caching, in that order.
  *
  * NOTE(review): this method mixes several unrelated responsibilities, and
  * two of them act on request input without any authentication check
  * (see the inline notes on `license_key` and `clear_cache`).
  *
  * @param  Request $request
  * @param  Closure $next
  * @return mixed  A redirect (HTTPS / update page) or the downstream response.
  */
 public function handle(Request $request, Closure $next)
 {
     // Set up trusted X-Forwarded-Proto proxies
     // TRUSTED_PROXIES accepts a comma delimited list of subnets
     // ie, TRUSTED_PROXIES='10.0.0.0/8,172.16.0.0/12,192.168.0.0/16'
     // NOTE(review): the guard tests $_ENV but the value is read via env(),
     // which may consult a different source (getenv()/$_SERVER); reading
     // both through the same accessor avoids the two disagreeing.
     if (isset($_ENV['TRUSTED_PROXIES'])) {
         $request->setTrustedProxies(array_map('trim', explode(',', env('TRUSTED_PROXIES'))));
     }
     // Ensure all requests are over HTTPS in production
     // NOTE(review): path() returns only the slash-trimmed path, so the HTTPS
     // redirect drops the query string; getRequestUri() would preserve it.
     if (Utils::requireHTTPS() && !$request->secure()) {
         return Redirect::secure($request->path());
     }
     // If the database doesn't yet exist we'll skip the rest
     if (!Utils::isNinja() && !Utils::isDatabaseSetup()) {
         return $next($request);
     }
     // Check if a new version was installed
     if (!Utils::isNinja()) {
         $file = storage_path() . '/version.txt';
         // A missing file reads as false (warning suppressed) and is then
         // treated as "version changed" below.
         $version = @file_get_contents($file);
         if ($version != NINJA_VERSION) {
             if (version_compare(phpversion(), '5.5.9', '<')) {
                 // dd() halts the request here with the message.
                 dd('Please update PHP to >= 5.5.9');
             }
             // NOTE(review): fopen()'s return value is not checked; if storage
             // is unwritable the version file never updates and this redirect
             // recurs on every request.
             $handle = fopen($file, 'w');
             fwrite($handle, NINJA_VERSION);
             fclose($handle);
             return Redirect::to('/update');
         }
     }
     // Check the application is up to date and for any news feed messages
     if (Auth::check()) {
         $count = Session::get(SESSION_COUNTER, 0);
         Session::put(SESSION_COUNTER, ++$count);
         // Polled once per session: news_feed_id doubles as the "already checked" flag.
         if (isset($_SERVER['REQUEST_URI']) && !Utils::startsWith($_SERVER['REQUEST_URI'], '/news_feed') && !Session::has('news_feed_id')) {
             $data = false;
             if (Utils::isNinja()) {
                 $data = Utils::getNewsFeedResponse();
             } else {
                 // Outbound fetch of the vendor feed; errors are suppressed and
                 // surface only as a falsy $data.
                 $file = @CurlUtils::get(NINJA_APP_URL . '/news_feed/' . Utils::getUserType() . '/' . NINJA_VERSION);
                 $data = @json_decode($file);
             }
             if ($data) {
                 // $data->version / ->id / ->message come from the remote feed
                 // and are used as-is; ->message is flashed straight to the UI.
                 if (version_compare(NINJA_VERSION, $data->version, '<')) {
                     $params = ['user_version' => NINJA_VERSION, 'latest_version' => $data->version, 'releases_link' => link_to(RELEASES_URL, 'Invoice Ninja', ['target' => '_blank'])];
                     Session::put('news_feed_id', NEW_VERSION_AVAILABLE);
                     Session::flash('news_feed_message', trans('texts.new_version_available', $params));
                 } else {
                     Session::put('news_feed_id', $data->id);
                     if ($data->message && $data->id > Auth::user()->news_feed_id) {
                         Session::flash('news_feed_message', $data->message);
                     }
                 }
             } else {
                 // Mark as checked so a failed fetch is not retried on every request.
                 Session::put('news_feed_id', true);
             }
         }
     }
     // Check if we're requesting to change the account's language
     // NOTE(review): ?lang= is applied to App::setLocale() and stored in the
     // session without validation; it is only checked against the Language
     // table before being persisted to the account.
     if (Input::has('lang')) {
         $locale = Input::get('lang');
         App::setLocale($locale);
         Session::set(SESSION_LOCALE, $locale);
         if (Auth::check()) {
             if ($language = Language::whereLocale($locale)->first()) {
                 $account = Auth::user()->account;
                 $account->language_id = $language->id;
                 $account->save();
             }
         }
     } elseif (Auth::check()) {
         // Account language wins over the session value for signed-in users.
         $locale = Auth::user()->account->language ? Auth::user()->account->language->locale : DEFAULT_LOCALE;
         App::setLocale($locale);
     } elseif (session(SESSION_LOCALE)) {
         App::setLocale(session(SESSION_LOCALE));
     }
     // Make sure the account/user localization settings are in the session
     if (Auth::check() && !Session::has(SESSION_TIMEZONE)) {
         Event::fire(new UserSettingsChanged());
     }
     // Check if the user is claiming a license (ie, additional invoices, white label, etc.)
     if (isset($_SERVER['REQUEST_URI'])) {
         $claimingLicense = Utils::startsWith($_SERVER['REQUEST_URI'], '/claim_license');
         if (!$claimingLicense && Input::has('license_key') && Input::has('product_id')) {
             $licenseKey = Input::get('license_key');
             $productId = Input::get('product_id');
             // NOTE(review): both values are request input and are interpolated
             // into the outbound URL without urlencode(), so a caller can inject
             // extra query parameters into the claim request. Nothing in this
             // branch requires Auth::check(), yet the white-label path below
             // dereferences Auth::user()->account.
             $url = (Utils::isNinjaDev() ? SITE_URL : NINJA_APP_URL) . "/claim_license?license_key={$licenseKey}&product_id={$productId}&get_date=true";
             $data = trim(CurlUtils::get($url));
             // Loose == against the product constants (string input vs. constant).
             if ($productId == PRODUCT_INVOICE_DESIGNS) {
                 if ($data = json_decode($data)) {
                     // Designs are written straight from the remote payload.
                     foreach ($data as $item) {
                         $design = new InvoiceDesign();
                         $design->id = $item->id;
                         $design->name = $item->name;
                         $design->pdfmake = $item->pdfmake;
                         $design->save();
                     }
                     Cache::forget('invoiceDesigns');
                     Session::flash('message', trans('texts.bought_designs'));
                 }
             } elseif ($productId == PRODUCT_WHITE_LABEL) {
                 if ($data && $data != RESULT_FAILURE) {
                     // $data is expected to be a date string; date_create()
                     // returns false on unparseable input and ->modify() would
                     // then fail — worth guarding.
                     $company = Auth::user()->account->company;
                     $company->plan_term = PLAN_TERM_YEARLY;
                     $company->plan_paid = $data;
                     $company->plan_expires = date_create($data)->modify('+1 year')->format('Y-m-d');
                     $company->plan = PLAN_WHITE_LABEL;
                     $company->save();
                     Session::flash('message', trans('texts.bought_white_label'));
                 }
             }
         }
     }
     // Check data has been cached
     // CACHED_TABLES is an application constant, not request input.
     $cachedTables = unserialize(CACHED_TABLES);
     // NOTE(review): ?clear_cache= rebuilds every cached reference table
     // (loading all rows of each) and requires no authentication.
     if (Input::has('clear_cache')) {
         Session::flash('message', 'Cache cleared');
     }
     foreach ($cachedTables as $name => $class) {
         if (Input::has('clear_cache') || !Cache::has($name)) {
             // check that the table exists in case the migration is pending
             if (!Schema::hasTable((new $class())->getTable())) {
                 continue;
             }
             // Per-table sort column for the cached copy.
             if ($name == 'paymentTerms') {
                 $orderBy = 'num_days';
             } elseif ($name == 'fonts') {
                 $orderBy = 'sort_order';
             } elseif (in_array($name, ['currencies', 'industries', 'languages', 'countries', 'banks'])) {
                 $orderBy = 'name';
             } else {
                 $orderBy = 'id';
             }
             $tableData = $class::orderBy($orderBy)->get();
             // Empty tables are not cached, so they are re-queried each request.
             if (count($tableData)) {
                 Cache::forever($name, $tableData);
             }
         }
     }
     // Show message to IE 8 and before users
     if (isset($_SERVER['HTTP_USER_AGENT']) && preg_match('/(?i)msie [2-8]/', $_SERVER['HTTP_USER_AGENT'])) {
         Session::flash('error', trans('texts.old_browser', ['link' => OUTDATE_BROWSER_URL]));
     }
     $response = $next($request);
     // NOTE(review): clickjacking protection is disabled here; if framing is
     // not required, re-enable X-Frame-Options (or a CSP frame-ancestors).
     //$response->headers->set('X-Frame-Options', 'DENY');
     return $response;
 }
 /**
  * Check whether the request's scheme satisfies the route's `secure`
  * constraint: HTTPS-only routes match only HTTPS requests; routes without
  * the constraint match any scheme.
  *
  * @param  \Illuminate\Routing\Route  $route
  * @param  \Illuminate\Http\Request  $request
  * @return bool
  */
 public function matches(Route $route, Request $request)
 {
     // Unconstrained routes accept either scheme.
     if (! $route->secure()) {
         return true;
     }
     return $request->secure();
 }