Added headers Middleware

This commit is contained in:
Julian Prieber 2023-08-20 14:57:10 +02:00
parent 708b60ee5b
commit 6be7a3e012
3 changed files with 28 additions and 12 deletions

View File

@ -21,6 +21,7 @@ class Kernel extends HttpKernel
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class, \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\App\Http\Middleware\TrimStrings::class, \App\Http\Middleware\TrimStrings::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class, \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
\App\Http\Middleware\Headers::class,
]; ];
/** /**

View File

@ -0,0 +1,27 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
class Headers
{
public function handle(Request $request, Closure $next)
{
// Check if FORCE_HTTPS is set to true
if (env('FORCE_HTTPS') == 'true') {
\URL::forceScheme('https'); // Force HTTPS
header("Content-Security-Policy: upgrade-insecure-requests");
}
// Check if FORCE_ROUTE_HTTPS is set to true
if (env('FORCE_ROUTE_HTTPS') == 'true' && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off')) {
$redirect_url = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location: $redirect_url");
exit();
}
return $next($request);
}
}

View File

@ -1,13 +1 @@
@if(env('FORCE_HTTPS') == 'true')<?php URL::forceScheme('https'); header("Content-Security-Policy: upgrade-insecure-requests"); ?>@endif
<html lang="{{ config('app.locale') }}"> <html lang="{{ config('app.locale') }}">
{{-- Redirects to https if enabled in the advanced-config --}}
@if(env('FORCE_ROUTE_HTTPS') == 'true')
@php
if (! isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] == 'off' ) {
$redirect_url = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location: $redirect_url");
exit();
}
@endphp
@endif