public function Request::isSecure in RESTful 7.2

Checks whether the request is secure or not.

This method can read the client port from the "X-Forwarded-Proto" header when trusted proxies were set via "setTrustedProxies()".

The "X-Forwarded-Proto" header must contain the protocol: "https" or "http".

If your reverse proxy uses a different header name than "X-Forwarded-Proto" ("SSL_HTTPS" for instance), configure it via "setTrustedHeaderName()" with the "client-proto" key.

Return value

bool

Overrides RequestInterface::isSecure

File

src/Http/Request.php, line 535: Contains \Drupal\restful\Http\Request

Class

Request: Deals with everything coming from the consumer.

Namespace

Drupal\restful\Http

Code

public function isSecure() {
  if (self::$trustedProxies && self::$trustedHeaders[self::HEADER_CLIENT_PROTO] && ($proto = $this->headers
    ->get(self::$trustedHeaders[self::HEADER_CLIENT_PROTO])
    ->getValueString())) {
    return in_array(strtolower(current(explode(',', $proto))), array(
      'https',
      'on',
      'ssl',
      '1',
    ));
  }
  $https = $this->server['HTTPS'];
  return !empty($https) && strtolower($https) !== 'off';
}

You are here