Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Force Canonical to use HTTPS

I want my customer section to be https, e.g. registration, login, personal details, order details, etc. I have set up my route to include the https scheme (I can access the customer section via https) but I cannot force my links to use https:

<a class="register" href="<?php echo $this->url('customer/default', array('controller' => 'registration', 'action' => 'index'), array('scheme' => 'https', 'force_canonical' => true,)); ?>">Register</a>

What I get: http://myproject.dev/customer/registration

What I want: https://myproject.dev/customer/registration

It appears to be using the current scheme - so if I'm on http then the url is http, if I'm on https then the url is https.

How do I force $this->url to use the https scheme all the time?

'router' => array(
  'routes' => array(
    'customer' => array(
      'type' => 'Zend\Mvc\Router\Http\Literal',
      'options' => array(
        'route' => '/customer',
        'scheme' => 'https',
        'defaults' => array(
          '__NAMESPACE__' => 'Customer\Controller',
          'https' => true,
          'controller' => 'Index',
          'action' => 'index',
        ),
      ),
      'child_routes' => array(
        'default' => array(
          'type' => 'Segment',
          'options' => array(
            'route' => '/[:controller[/:action]]',
            'scheme' => 'https',
            'constraints' => array(
              'controller' => '[a-zA-Z][a-zA-Z0-9_-]*',
              'action' => '[a-zA-Z][a-zA-Z0-9_-]*',
            ),
            'defaults' => array(
            ),
          ),
        ),
      ),
    ),
  ),
),

[edit]

myproject.dev is my local machine where I've changed my hosts a vhosts file. I have set up my vhosts file to accept ssl and that's not the issue.

I've changed the route type to Zend\Mvc\Router\Http\Scheme and added the scheme option but that generates the following url: https://myproject.dev:80/registration which generates an SSL connection error as it's trying to connect to port 80!

When I change the child_routes type to scheme the url generated is: https://myproject.dev:80/customer

[edit]

As a stop-gap solution I am doing a htaccess redirect if the user is trying to access the customer section on a non-secure scheme:

RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/customer/?.*$
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

I do not like this approach as it should not be necessary!

[edit]

While I want my customer section to be https, I do not want the rest of the site to be.

like image 724
Richard Parnaby-King Avatar asked Jan 29 '16 11:01

Richard Parnaby-King


2 Answers

use Zend\Uri\UriFactory;

add the following code on top of your action or make a method inside a plugin.

$uri = $this->getRequest()->getUri();
        $uri = (string) $uri;
        $url = UriFactory::factory($uri);
        $http = 'http';
        $http_current = $url->getScheme();
        if($http == $http_current){
            $url->setScheme('https');
            return $this->redirect()->toUrl($url);
        }
like image 101
dixromos98 Avatar answered Sep 28 '22 11:09

dixromos98


Can you please add this 2 lines in your .htaccess file.

<IfModule mod_rewrite.c>
      RewriteEngine on
      RewriteCond %{HTTP_HOST} !^myproject\.
      RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
</IfModule>

It will run on https protocol.

like image 44
Ashwin Parmar Avatar answered Sep 28 '22 11:09

Ashwin Parmar