Lukas Kahwe Smith wrote:
> Hi,
>
> I have some questions regarding sfSslRequirement [1]:
> - Is there a reason why it was not implemented to not redirect to https
> in development mode?
>
> - Is there a reason why the redirection is not only done on isFirstCall()?
>
> - Why is the code structured to not just have a $filterChain->execute();
> call at the end, since the redirect should stop execution anyways?
>
> The above issues do not seem to be the case with the following solution:
> http://blog.phpdeveloper.co.nz/2006/10/25/ssl-redirect-filter-for-symfony/
>
> However it's not as cleanly implemented in other areas and it seems like
> Fabien had his fingers on sfSslRequirement, so I am just wondering if
> these were oversights or if I am missing something.
>
> regards,
> Lukas
>
> [1] http://www.symfony-project.com/trac/wiki/sfSslRequirementPlugin

So Fabien told me to just commit to the plugin. But I would prefer to
hear from existing users before I go ahead with changes.

One thing before I show the code:
"If an action is not secured and allow_ssl is false, then all HTTPS
request will be redirected to HTTP."
I think there is a typo there and "not secured" should read "secured".

However I think the following steps would be better:
I) only execute once per request and when not in dev environment
   A) if not posting
      1) if secured
         a) then check if it's allowed else redirect from https to http
         b) else if secured required redirect from http to https

Anyways here is a quick implementation that should be more efficient,
that I have not yet tested.

    public function execute ($filterChain)
    {
      // execute only once and only if we are not in the development environment
      if ($this->isFirstCall() && SF_ENVIRONMENT != 'dev')
      {
        // get the cool stuff
        $context = $this->getContext();
        $request = $context->getRequest();

        // only redirect if not posting
        if ($request->getMethod() != sfRequest::POST)
        {
          $controller = $context->getController();

          // get the current action instance
          $actionEntry = $controller->getActionStack()->getLastEntry();
          $actionInstance = $actionEntry->getActionInstance();

          // request is SSL secured
          if ($request->isSecure())
          {
            // but SSL is not allowed
            if (!$actionInstance->sslAllowed())
            {
              // swap only the leading scheme; str_replace() would also
              // rewrite "https" anywhere else in the URI
              $controller->redirect(preg_replace('#^https://#i', 'http://',
                $request->getUri()));
            }
          }
          // request is not SSL secured, but SSL is required
          else if ($actionInstance->sslRequired())
          {
            // swap only the leading scheme; str_replace() would also
            // rewrite "http" anywhere else in the URI
            $controller->redirect(preg_replace('#^http://#i', 'https://',
              $request->getUri()));
          }
        }
      }

      $filterChain->execute();
    }

regards,
Lukas
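
Added example, not part of the original message or of sfSslRequirementPlugin: the outlined steps as a framework-free function, so the redirect decision can be checked against constructed requests, including URIs that contain "http" outside the scheme. The function names, the request array layout and the example.test URIs are hypothetical; PHP 7.1 or later is assumed.

```php
<?php
// Hypothetical helper names; constructed sample data throughout.

// Swap only the leading scheme. An unanchored str_replace() would also
// rewrite "http"/"https" inside the path or query string.
function switchScheme(string $uri, string $scheme): string
{
    return preg_replace('#^https?://#i', $scheme . '://', $uri, 1);
}

// Returns the redirect target, or null when the request passes through.
function sslRedirectTarget(array $req, bool $sslAllowed, bool $sslRequired, string $env): ?string
{
    // steps I and A of the outline: skip in dev and when posting
    if ($env === 'dev' || $req['method'] === 'POST') {
        return null;
    }
    // step 1a: request is secured, redirect down only if SSL is not allowed
    if ($req['secure']) {
        return $sslAllowed ? null : switchScheme($req['uri'], 'http');
    }
    // step 1b: request is not secured, redirect up only if SSL is required
    return $sslRequired ? switchScheme($req['uri'], 'https') : null;
}

// Constructed cases: [label, request, sslAllowed, sslRequired, environment]
$login = 'http://example.test/login?next=http://example.test/home';
$docs  = 'https://example.test/docs/https-setup';
$cases = [
    ['GET http, SSL required',     ['method' => 'GET',  'secure' => false, 'uri' => $login], true,  true,  'prod'],
    ['GET https, SSL not allowed', ['method' => 'GET',  'secure' => true,  'uri' => $docs],  false, false, 'prod'],
    ['GET https, SSL allowed',     ['method' => 'GET',  'secure' => true,  'uri' => $docs],  true,  false, 'prod'],
    ['POST http, SSL required',    ['method' => 'POST', 'secure' => false, 'uri' => $login], true,  true,  'prod'],
    ['GET http, dev environment',  ['method' => 'GET',  'secure' => false, 'uri' => $login], true,  true,  'dev'],
];

foreach ($cases as [$label, $req, $allowed, $required, $env]) {
    $target = sslRedirectTarget($req, $allowed, $required, $env);
    printf("%-28s => %s\n", $label, $target ?? '(no redirect)');
}
```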