/**
 * Attach Content-Security-Policy headers to the current response.
 *
 * Binary file responses are left untouched. The policy is loaded from
 * config/csp.json; `upgrade-insecure-requests` is switched on only when the
 * current request itself arrived over HTTPS (as reported by secure(), which
 * honours X-Forwarded-Proto only from configured trusted proxies).
 *
 * @return void
 *
 * @throws \Exception
 */
protected function buildCsp()
{
    // Streamed/binary downloads get no CSP header.
    if ($this->response instanceof BinaryFileResponse) {
        return;
    }

    $policy = CSPBuilder::fromFile(config_path('csp.json'));
    $policy->addDirective('upgrade-insecure-requests', $this->request->secure());

    // `false` presumably skips the legacy header names — confirm against
    // CSPBuilder::getHeaderArray()'s signature.
    $headers = $policy->getHeaderArray(false);

    $this->response->withHeaders($headers);
}
/**
 * Validate a given rule against a route and request.
 *
 * A route flagged http-only matches only plain-HTTP requests, a route flagged
 * secure matches only HTTPS requests, and any other route matches regardless
 * of scheme.
 *
 * @param \Illuminate\Routing\Route $route
 * @param \Illuminate\Http\Request $request
 * @return bool
 */
public function matches(Route $route, Request $request)
{
    // http-only takes precedence over the secure flag.
    if ($route->httpOnly()) {
        return !$request->secure();
    }

    return $route->secure() ? $request->secure() : true;
}
/**
 * Redirect plain-HTTP requests to their HTTPS counterparts in production.
 *
 * Outside the production environment the request passes through unchanged.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed Either the redirect or the downstream response.
 */
public function handle($request, Closure $next)
{
    $needsUpgrade = !$request->secure() && app()->environment('production');

    if ($needsUpgrade) {
        // Same path and query string, https scheme.
        return redirect()->secure($request->getRequestUri());
    }

    return $next($request);
}
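/**
 * Redirect plain-HTTP requests to HTTPS when the application runs in the
 * "prod" environment.
 *
 * The environment is read through the application container rather than
 * env(): once the configuration is cached, env() no longer reads .env and
 * would silently disable this redirect.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if (!$request->secure() && app()->environment('prod')) {
        return redirect()->secure($request->getRequestUri());
    }

    return $next($request);
}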
/**
 * Reject plain-HTTP requests with a 404 instead of redirecting them.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // Non-HTTPS traffic is hidden rather than upgraded; abort() throws, so
    // nothing below runs for it.
    $request->secure() or abort(404);

    return $next($request);
}
/**
 * Permanently redirect plain-HTTP requests to HTTPS, except for the podcast
 * RSS feed, which stays reachable over plain HTTP.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if ($request->secure()) {
        return $next($request);
    }

    $uri = $request->getRequestUri();

    // The exemption is a substring test on the whole URI (path and query
    // string), not an exact route match: any URI containing this fragment
    // skips the HTTPS upgrade.
    if (str_contains($uri, '/podcasts/rss')) {
        return $next($request);
    }

    // 301 so clients cache the upgrade.
    return redirect()->secure($uri, 301);
}
/**
 * Redirect plain-HTTP requests to their HTTPS counterparts.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if ($request->secure()) {
        return $next($request);
    }

    // Same path and query string, https scheme.
    return redirect()->secure($request->getRequestUri());
}
/**
 * Get route root.
 *
 * Builds "<scheme>://<domain>/<prefix>" from the current request's scheme
 * and the route's domain and prefix, then strips surrounding slashes.
 *
 * @return string
 */
public function root()
{
    $scheme = $this->request->secure() ? 'https' : 'http';
    $host = trim($this->domain(true), '/');
    $path = $this->prefix(true);

    $root = sprintf('%s://%s/%s', $scheme, $host, $path);

    return trim($root, '/');
}
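/**
 * Redirect plain-HTTP requests to their HTTPS counterparts.
 *
 * The full request URI (path plus query string) is used as the redirect
 * target so query parameters survive the upgrade; path() would drop them.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if (!$request->secure()) {
        return Redirect::secure($request->getRequestUri());
    }

    return $next($request);
}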
/**
 * Redirect plain-HTTP requests to HTTPS when APP_HTTPS is set and the
 * application is not in debug mode.
 *
 * NOTE(review): both flags are read with env() at request time; with a
 * cached configuration env() does not read .env, so the redirect then only
 * fires if the variables exist in the real process environment.
 *
 * @param \Illuminate\Http\Request $request
 * @param Closure $next
 *
 * @return mixed Either the redirect or the downstream response.
 */
public function handle($request, Closure $next)
{
    $httpsEnforced = env('APP_HTTPS') && !env('APP_DEBUG');

    if ($httpsEnforced && !$request->secure()) {
        return redirect()->secure($request->getRequestUri());
    }

    return $next($request);
}
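/**
 * Redirect plain-HTTP requests to their HTTPS counterparts.
 *
 * The check is on a *non*-secure request: redirecting when the request is
 * already secure (as the previous condition did) sends the browser back to
 * the same HTTPS URL and loops.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if (!$request->secure()) {
        return redirect()->secure($request->getRequestUri());
    }

    return $next($request);
}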
/**
 * Trust the connecting host as a proxy, then redirect plain-HTTP requests
 * to HTTPS.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // Registers whatever address the request arrived from as a trusted
    // proxy, so its X-Forwarded-* headers are honoured by secure().
    // NOTE(review): this trusts the immediate upstream unconditionally; if
    // the app is reachable without a proxy in front, those headers are then
    // client-controlled. A fixed proxy list from configuration is safer.
    $upstream = $request->getClientIp();
    $request->setTrustedProxies([$upstream]);

    if ($request->secure()) {
        return $next($request);
    }

    return redirect()->secure($request->getRequestUri());
}
/**
 * Redirect plain-HTTP requests to HTTPS in the "production" environment.
 *
 * NOTE(review): APP_ENV is read with env() at request time, which returns
 * nothing from .env once the configuration is cached.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if ($request->secure() || env('APP_ENV') !== 'production') {
        return $next($request);
    }

    // NOTE(review): secure() has already been evaluated above, so this
    // trusted-proxy registration cannot influence that decision for the
    // current request; it only affects what follows in this branch.
    $request->setTrustedProxies([$request->getClientIp()]);

    return redirect()->secure($request->getRequestUri());
}
/**
 * Force to use https:// requests
 *
 * @return null|RedirectResponse Redirects to the https:// protocol if the current request is insecure
 */
public function forceSSL()
{
    // Already on https: nothing to do.
    if ($this->request->secure()) {
        return null;
    }

    return $this->redirect->secure($this->request->getRequestUri());
}
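/**
 * Outside the local environment, redirect plain-HTTP requests to HTTPS.
 *
 * The full request URI is used as the redirect target so the query string
 * is preserved; path() would drop it.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // Local development is exempt so the app can run without TLS.
    if (!app()->isLocal() && !$request->secure()) {
        // redirect to the matching secure url
        return redirect()->secure($request->getRequestUri());
    }

    return $next($request);
}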
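/**
 * Outside the local environment, redirect plain-HTTP requests to HTTPS.
 *
 * Only non-secure requests are upgraded. The previous condition redirected
 * the already-secure request to its own URI under the same scheme, which
 * loops.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if (!$request->secure() && !App::environment('local')) {
        return redirect()->secure($request->getRequestUri());
    }

    return $next($request);
}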
/**
 * Gate the auto-deploy webhook route.
 *
 * Requests to any other path pass straight through. For the configured
 * route the request must be HTTPS (unless auto-deploy.require-ssl is off),
 * its origin must be determinable and must verify as authentic; otherwise a
 * 403 is raised. The verified origin is stored on the request as 'origin'.
 *
 * @param \Illuminate\Http\Request $request The request
 * @param Closure $next Mechanism for passing the result down the pipeline to the next piece of middleware
 *
 * @return \Illuminate\Http\Response A Response object that is passed to the next piece of middleware
 */
public function handle($request, Closure $next)
{
    // Passthrough if it's not our specific route
    if ($request->path() !== config('auto-deploy.route')) {
        return $next($request);
    }

    // TLS is mandatory unless explicitly disabled in config.
    if (config('auto-deploy.require-ssl') && !$request->secure()) {
        abort(403, 'Forbidden. Webhook requests must be sent using SSL.');
    }

    $origin = $this->determineOrigin();

    if (null === $origin) {
        abort(403, 'Forbidden. Could not determine the origin of the request.');
    }

    if (!$origin->isAuthentic()) {
        abort(403, 'Forbidden. Could not verify the origin of the request.');
    }

    // set the origin type in the controller
    $request->offsetSet('origin', $origin);

    return $next($request);
}
/**
 * Determine if the request is over HTTPS.
 *
 * Static proxy onto \Illuminate\Http\Request::secure(); given the @static
 * tag this looks like a generated facade/IDE-helper stub rather than code
 * that is executed — confirm before relying on it.
 *
 * @return bool
 * @static
 */
public static function secure()
{
    return \Illuminate\Http\Request::secure();
}
/**
 * Shows all projects.
 *
 * Renders the admin project listing with the templates and groups needed by
 * the page; projects are passed as JSON for the client-side view.
 *
 * @param TemplateRepositoryInterface $templateRepository
 * @param GroupRepositoryInterface $groupRepository
 * @param Request $request
 *
 * @return \Illuminate\View\View
 */
public function index(TemplateRepositoryInterface $templateRepository, GroupRepositoryInterface $groupRepository, Request $request)
{
    $projects = $this->repository->getAll();

    $viewData = [
        'is_secure' => $request->secure(),
        'title'     => Lang::get('projects.manage'),
        'templates' => $templateRepository->getAll(),
        'groups'    => $groupRepository->getAll(),
        'projects'  => $projects->toJson(),
    ];

    return view('admin.projects.listing', $viewData);
}
/**
 * Handle an incoming request.
 *
 * Application-wide middleware that, in order: registers trusted proxies,
 * enforces HTTPS, short-circuits when the database is not set up, records a
 * newly installed version, fetches news-feed messages for logged-in users,
 * applies locale changes, handles license-claim parameters, (re)builds the
 * cached lookup tables and warns old-IE users before passing the request on.
 *
 * @param Request $request
 * @param Closure $next
 * @return mixed
 */
public function handle(Request $request, Closure $next)
{
    // Set up trusted X-Forwarded-Proto proxies
    // TRUSTED_PROXIES accepts a comma delimited list of subnets
    // ie, TRUSTED_PROXIES='10.0.0.0/8,172.16.0.0/12,192.168.0.0/16'
    // NOTE(review): presence is tested via $_ENV but the value is read via
    // env(); the two can disagree depending on how the variable is provided.
    if (isset($_ENV['TRUSTED_PROXIES'])) {
        $request->setTrustedProxies(array_map('trim', explode(',', env('TRUSTED_PROXIES'))));
    }

    // Ensure all request are over HTTPS in production
    // NOTE(review): path() carries no query string, so query parameters are
    // dropped by this redirect.
    if (Utils::requireHTTPS() && !$request->secure()) {
        return Redirect::secure($request->path());
    }

    // If the database doens't yet exist we'll skip the rest
    if (!Utils::isNinja() && !Utils::isDatabaseSetup()) {
        return $next($request);
    }

    // Check if a new version was installed
    if (!Utils::isNinja()) {
        $file = storage_path() . '/version.txt';
        // A missing file yields false (warning suppressed), which compares
        // unequal to NINJA_VERSION and triggers the update path below.
        $version = @file_get_contents($file);
        if ($version != NINJA_VERSION) {
            if (version_compare(phpversion(), '5.5.9', '<')) {
                dd('Please update PHP to >= 5.5.9');
            }
            // fopen() is not checked for failure before writing.
            $handle = fopen($file, 'w');
            fwrite($handle, NINJA_VERSION);
            fclose($handle);
            return Redirect::to('/update');
        }
    }

    // Check the application is up to date and for any news feed messages
    if (Auth::check()) {
        $count = Session::get(SESSION_COUNTER, 0);
        Session::put(SESSION_COUNTER, ++$count);
        if (isset($_SERVER['REQUEST_URI']) && !Utils::startsWith($_SERVER['REQUEST_URI'], '/news_feed') && !Session::has('news_feed_id')) {
            $data = false;
            if (Utils::isNinja()) {
                $data = Utils::getNewsFeedResponse();
            } else {
                // Remote feed; both the fetch and the decode have errors
                // suppressed, so a bad response simply leaves $data falsy.
                $file = @CurlUtils::get(NINJA_APP_URL . '/news_feed/' . Utils::getUserType() . '/' . NINJA_VERSION);
                $data = @json_decode($file);
            }
            if ($data) {
                // $data->version / ->id / ->message come straight from the
                // remote feed; $data->message is flashed without escaping here.
                if (version_compare(NINJA_VERSION, $data->version, '<')) {
                    $params = ['user_version' => NINJA_VERSION, 'latest_version' => $data->version, 'releases_link' => link_to(RELEASES_URL, 'Invoice Ninja', ['target' => '_blank'])];
                    Session::put('news_feed_id', NEW_VERSION_AVAILABLE);
                    Session::flash('news_feed_message', trans('texts.new_version_available', $params));
                } else {
                    Session::put('news_feed_id', $data->id);
                    if ($data->message && $data->id > Auth::user()->news_feed_id) {
                        Session::flash('news_feed_message', $data->message);
                    }
                }
            } else {
                // Marks the feed as checked for this session even on failure.
                Session::put('news_feed_id', true);
            }
        }
    }

    // Check if we're requesting to change the account's language
    // NOTE(review): the 'lang' parameter is applied to App::setLocale() and
    // stored in the session as-is; only the account update is gated on the
    // locale existing in the Language table.
    if (Input::has('lang')) {
        $locale = Input::get('lang');
        App::setLocale($locale);
        Session::set(SESSION_LOCALE, $locale);
        if (Auth::check()) {
            if ($language = Language::whereLocale($locale)->first()) {
                $account = Auth::user()->account;
                $account->language_id = $language->id;
                $account->save();
            }
        }
    } elseif (Auth::check()) {
        $locale = Auth::user()->account->language ? Auth::user()->account->language->locale : DEFAULT_LOCALE;
        App::setLocale($locale);
    } elseif (session(SESSION_LOCALE)) {
        App::setLocale(session(SESSION_LOCALE));
    }

    // Make sure the account/user localization settings are in the session
    if (Auth::check() && !Session::has(SESSION_TIMEZONE)) {
        Event::fire(new UserSettingsChanged());
    }

    // Check if the user is claiming a license (ie, additional invoices, white label, etc.)
    if (isset($_SERVER['REQUEST_URI'])) {
        $claimingLicense = Utils::startsWith($_SERVER['REQUEST_URI'], '/claim_license');
        if (!$claimingLicense && Input::has('license_key') && Input::has('product_id')) {
            $licenseKey = Input::get('license_key');
            $productId = Input::get('product_id');
            // NOTE(review): request values are interpolated into the outbound
            // query string without urlencode(), and this block is not gated
            // on Auth::check() even though the white-label branch below
            // dereferences Auth::user().
            $url = (Utils::isNinjaDev() ? SITE_URL : NINJA_APP_URL) . "/claim_license?license_key={$licenseKey}&product_id={$productId}&get_date=true";
            $data = trim(CurlUtils::get($url));
            // Loose (==) comparison of the request-supplied product id.
            if ($productId == PRODUCT_INVOICE_DESIGNS) {
                if ($data = json_decode($data)) {
                    // Design rows (including ids) are taken from the remote
                    // response and saved without further validation.
                    foreach ($data as $item) {
                        $design = new InvoiceDesign();
                        $design->id = $item->id;
                        $design->name = $item->name;
                        $design->pdfmake = $item->pdfmake;
                        $design->save();
                    }
                    Cache::forget('invoiceDesigns');
                    Session::flash('message', trans('texts.bought_designs'));
                }
            } elseif ($productId == PRODUCT_WHITE_LABEL) {
                // $data is expected to be a date string here; it is stored as
                // plan_paid and parsed by date_create() without validation.
                if ($data && $data != RESULT_FAILURE) {
                    $company = Auth::user()->account->company;
                    $company->plan_term = PLAN_TERM_YEARLY;
                    $company->plan_paid = $data;
                    $company->plan_expires = date_create($data)->modify('+1 year')->format('Y-m-d');
                    $company->plan = PLAN_WHITE_LABEL;
                    $company->save();
                    Session::flash('message', trans('texts.bought_white_label'));
                }
            }
        }
    }

    // Check data has been cached
    // CACHED_TABLES is an application constant (not request data), so the
    // unserialize() and the dynamic `new $class()` below operate on trusted
    // values. NOTE(review): 'clear_cache' is honoured for any request,
    // authenticated or not, and forces a full rebuild of every cached table.
    $cachedTables = unserialize(CACHED_TABLES);
    if (Input::has('clear_cache')) {
        Session::flash('message', 'Cache cleared');
    }
    foreach ($cachedTables as $name => $class) {
        if (Input::has('clear_cache') || !Cache::has($name)) {
            // check that the table exists in case the migration is pending
            if (!Schema::hasTable((new $class())->getTable())) {
                continue;
            }
            if ($name == 'paymentTerms') {
                $orderBy = 'num_days';
            } elseif ($name == 'fonts') {
                $orderBy = 'sort_order';
            } elseif (in_array($name, ['currencies', 'industries', 'languages', 'countries', 'banks'])) {
                $orderBy = 'name';
            } else {
                $orderBy = 'id';
            }
            $tableData = $class::orderBy($orderBy)->get();
            // Empty tables are not cached, so they are re-queried every request.
            if (count($tableData)) {
                Cache::forever($name, $tableData);
            }
        }
    }

    // Show message to IE 8 and before users
    if (isset($_SERVER['HTTP_USER_AGENT']) && preg_match('/(?i)msie [2-8]/', $_SERVER['HTTP_USER_AGENT'])) {
        Session::flash('error', trans('texts.old_browser', ['link' => OUTDATE_BROWSER_URL]));
    }

    $response = $next($request);
    // NOTE(review): the clickjacking header below is disabled; if that is
    // intentional, a comment saying where frame protection is applied
    // instead would help the next maintainer.
    //$response->headers->set('X-Frame-Options', 'DENY');
    return $response;
}
/**
 * Validate a given rule against a route and request.
 *
 * Routes not flagged secure match any scheme; secure routes match only
 * HTTPS requests.
 *
 * @param \Illuminate\Routing\Route $route
 * @param \Illuminate\Http\Request $request
 * @return bool
 */
public function matches(Route $route, Request $request)
{
    if (!$route->secure()) {
        return true;
    }

    return $request->secure();
}