How is \Magento\Framework\Url\SecurityInfo::isSecure() implemented and used?

dmitry_fedyuk · May 31, 2016, 6:26am

Implementation

a5fa3af3/lib/internal/Magento/Framework/Url/SecurityInfo.php#L41-L64

/**
 * Check whether url is secure
 *
 * @param string $url
 * @return bool
 */
public function isSecure($url)
{
	if (!isset($this->secureUrlsCache[$url])) {
		$this->secureUrlsCache[$url] = false;
		foreach ($this->excludedUrlsList as $match) {
			if (strpos($url, (string)$match) === 0) {
				return $this->secureUrlsCache[$url];
			}
		}
		foreach ($this->secureUrlsList as $match) {
			if (strpos($url, (string)$match) === 0) {
				$this->secureUrlsCache[$url] = true;
				break;
			}
		}
	}
	return $this->secureUrlsCache[$url];
}

Usages

1. \Magento\Store\Url\Plugin\SecurityInfo::aroundIsSecure()

github.com

magento/magento2/blob/a5fa3af3/app/code/Magento/Store/etc/di.xml#L90-L92


<type name="Magento\Framework\Url\SecurityInfo">
    <plugin name="storeUrlSecurityInfo" type="Magento\Store\Url\Plugin\SecurityInfo"/>
</type>

github.com

magento/magento2/blob/a5fa3af3/app/code/Magento/Store/Url/Plugin/SecurityInfo.php#L29-L45


/**
 * Check if secure URLs are enabled.
 *
 * @param \Magento\Framework\Url\SecurityInfo $subject
 * @param callable $proceed
 * @param string $url
 * @return bool
 * @SuppressWarnings(PHPMD.UnusedFormalParameter)
 */
public function aroundIsSecure(\Magento\Framework\Url\SecurityInfo $subject, \Closure $proceed, $url)
{
    if ($this->scopeConfig->getValue(Store::XML_PATH_SECURE_IN_FRONTEND, StoreScopeInterface::SCOPE_STORE)) {
        return $proceed($url);
    } else {
        return false;
    }
}

2. \Magento\Store\Model\PathConfig::shouldBeSecure()

a5fa3af3/app/code/Magento/Store/Model/PathConfig.php#L45-L70

/**
 * {@inheritdoc}
 *
 * @param string $path
 * @return bool
 */
public function shouldBeSecure($path)
{
	return parse_url(
		$this->scopeConfig->getValue(
			Store::XML_PATH_UNSECURE_BASE_URL,
			ScopeInterface::SCOPE_STORE
		),
		PHP_URL_SCHEME
	) === 'https'
	|| $this->scopeConfig->isSetFlag(
		Store::XML_PATH_SECURE_IN_FRONTEND,
		ScopeInterface::SCOPE_STORE
	) && parse_url(
		$this->scopeConfig->getValue(
			Store::XML_PATH_SECURE_BASE_URL,
			ScopeInterface::SCOPE_STORE
		),
		PHP_URL_SCHEME
	) == 'https' && $this->urlSecurityInfo->isSecure($path);
}

3. \Magento\Framework\Url::_isSecure()

a5fa3af3/lib/internal/Magento/Framework/Url.php#L357-L389

/**
 * Retrieve is secure mode URL
 *
 * @return bool
 */
protected function _isSecure()
{
	if ($this->_request->isSecure()) {
		return true;
	}

	if ($this->getRouteParamsResolver()->hasData('secure_is_forced')) {
		return (bool) $this->getRouteParamsResolver()->getData('secure');
	}

	if (!$this->_getScope()->isUrlSecure()) {
		return false;
	}

	if (!$this->getRouteParamsResolver()->hasData('secure')) {
		if ($this->_getType() == UrlInterface::URL_TYPE_LINK) {
			$pathSecure = $this->_urlSecurityInfo->isSecure('/' . $this->_getActionPath());
			$this->getRouteParamsResolver()->setData('secure', $pathSecure);
		} elseif ($this->_getType() == UrlInterface::URL_TYPE_STATIC) {
			$isRequestSecure = $this->_getRequest()->isSecure();
			$this->getRouteParamsResolver()->setData('secure', $isRequestSecure);
		} else {
			$this->getRouteParamsResolver()->setData('secure', true);
		}
	}

	return $this->getRouteParamsResolver()->getData('secure');
}

dmitry_fedyuk · May 31, 2016, 6:43am