是否可以强制https用于整个应用程序,而无需为所有100个路由/防火墙规则定义它?
我们试图在网络服务器级别强制https,但symfony2仍然尝试重定向到http并生成一些奇怪的链接(http:// […]:443).
我阅读了配置文档,但没有找到任何相关内容.所有食谱条目也仅用于按路径/安全规则启用它.
最佳答案
How to force HTTPS or HTTP for Different URLs
The Security component provides a way to enforce HTTPs via the
requires_channel
setting. This alternative method is better suited
to secure an “area” of your website (all URLs under /admin) or when
you want to secure URLs defined in a third party bundle.
access_control:
- path: ^/secure
roles: ROLE_ADMIN
requires_channel: https