Declaration
See also: How is the «web/secure/use_in_frontend
» option implemented and used?
Usages
1. \Magento\Store\Model\Store::isFrontUrlSecure()
2. \Magento\Store\Model\Store::isCurrentlySecure()
a5fa3af3/app/code/Magento/Store/Model/Store.php#L782-L805
/**
* Check if request was secure
*
* @return boolean
*/
public function isCurrentlySecure()
{
if ($this->_request->isSecure()) {
return true;
}
$secureBaseUrl = $this->_config->getValue(self::XML_PATH_SECURE_BASE_URL, ScopeInterface::SCOPE_STORE);
$secureFrontend = $this->_config->getValue(self::XML_PATH_SECURE_IN_FRONTEND, ScopeInterface::SCOPE_STORE);
if (!$secureBaseUrl || !$secureFrontend) {
return false;
}
$uri = \Zend_Uri::factory($secureBaseUrl);
$port = $uri->getPort();
$serverPort = $this->_request->getServer('SERVER_PORT');
$isSecure = $uri->getScheme() == 'https' && isset($serverPort) && $port == $serverPort;
return $isSecure;
}
3. \Magento\Store\Model\PathConfig::shouldBeSecure()
a5fa3af3/app/code/Magento/Store/Model/PathConfig.php#L45-L70
/**
* {@inheritdoc}
*
* @param string $path
* @return bool
*/
public function shouldBeSecure($path)
{
return parse_url(
$this->scopeConfig->getValue(
Store::XML_PATH_UNSECURE_BASE_URL,
ScopeInterface::SCOPE_STORE
),
PHP_URL_SCHEME
) === 'https'
|| $this->scopeConfig->isSetFlag(
Store::XML_PATH_SECURE_IN_FRONTEND,
ScopeInterface::SCOPE_STORE
) && parse_url(
$this->scopeConfig->getValue(
Store::XML_PATH_SECURE_BASE_URL,
ScopeInterface::SCOPE_STORE
),
PHP_URL_SCHEME
) == 'https' && $this->urlSecurityInfo->isSecure($path);
}
4. \Magento\Store\Model\HeaderProvider\Hsts::canApply()
5. \Magento\Store\Model\HeaderProvider\UpgradeInsecure::canApply()
6. \Magento\Store\Url\Plugin\SecurityInfo::aroundIsSecure()
a5fa3af3/lib/internal/Magento/Framework/Url/SecurityInfo.php#L41-L64
/**
* Check whether url is secure
*
* @param string $url
* @return bool
*/
public function isSecure($url)
{
if (!isset($this->secureUrlsCache[$url])) {
$this->secureUrlsCache[$url] = false;
foreach ($this->excludedUrlsList as $match) {
if (strpos($url, (string)$match) === 0) {
return $this->secureUrlsCache[$url];
}
}
foreach ($this->secureUrlsList as $match) {
if (strpos($url, (string)$match) === 0) {
$this->secureUrlsCache[$url] = true;
break;
}
}
}
return $this->secureUrlsCache[$url];
}
See also:
- How are the
secureUrlList
andexcludedUrlList
arguments injected to the\Magento\Framework\Url\SecurityInfo
's constructor? - How is
\Magento\Framework\Url\SecurityInfo::isSecure()
implemented and used?
7. \Magento\Setup\Model\StoreConfigurationDataMapper::$pathDataMap
8. \Magento\Paypal\Model\Payflowlink::_getCallbackUrl()
a5fa3af3/app/code/Magento/Paypal/Model/Payflowlink.php#L566-L597
/**
* Get callback url
*
* @param string $actionName
* @return string
*/
protected function _getCallbackUrl($actionName)
{
if ($this->_requestHttp->getParam('website')) {
/** @var $website \Magento\Store\Model\Website */
$website = $this->_websiteFactory->create()->load($this->_requestHttp->getParam('website'));
$secure = $this->_scopeConfig->isSetFlag(
\Magento\Store\Model\Store::XML_PATH_SECURE_IN_FRONTEND,
\Magento\Store\Model\ScopeInterface::SCOPE_STORE,
$website->getDefaultStore()
);
$path = $secure ? \Magento\Store\Model\Store::XML_PATH_SECURE_BASE_LINK_URL : \Magento\Store\Model\Store::XML_PATH_UNSECURE_BASE_LINK_URL;
$websiteUrl = $this->_scopeConfig->getValue(
$path,
\Magento\Store\Model\ScopeInterface::SCOPE_STORE,
$website->getDefaultStore()
);
} else {
$secure = $this->_scopeConfig->isSetFlag(
\Magento\Store\Model\Store::XML_PATH_SECURE_IN_FRONTEND,
\Magento\Store\Model\ScopeInterface::SCOPE_STORE
);
$websiteUrl = $this->storeManager->getStore()->getBaseUrl(\Magento\Framework\UrlInterface::URL_TYPE_LINK, $secure);
}
return $websiteUrl . 'paypal/' . $this->_callbackController . '/' . $actionName;
}