本文介绍了在CakePHP的SSL的最佳原则的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述 我想为所有网页实施HTTPS。 我使用CakePHP 2.3的「Auth」元件。 实际上，我发现的唯一一种方法是添加一个beforeFilter-condition。 但是这很脏，因为我有很多 -SSL请求，因为Auth-Component。 AppController.php ---> class AppController extends Controller { public function beforeFilter（）{ if（env（SERVER_PORT）！=443）{ $ this- > Security-> blackHoleCallback ='forceSSL'; $ this-> Security-> requireSecure（）; } } public function forceSSL（）{ $ this-> redirect（'https：//'。env（'SERVER_NAME'）。$ this-> here）; } } 当我没有登录并且尝试访问我的网站时出现此问题 > GET hxxp：// MYSITE / - > 302 hxxp s / MYSITE /（beforeFilter-redirection） GET hxxp s ：// MYSITE / - > 302 hxxp：// MYSITE / users / login（Auth component） GET hxxp：// MYSITE / users / login - > 302 hxxp s // MYSITE / users / login - > 200 GET hxxp s strong> POST hxxp s ：// MYSITE / users / login（with creds） - > 302 hxxp：// MYSITE /（Auth组件） GET hxxp：// MYSITE / - > 302 hxxp s ：// MYSITE / / li> GET hxxp s ：// MYSITE / - > 200 SO，你知道另一种方法。 注意：我不得不在core.php中强制安全我的cookie，因为他们不是。 core.php ---> 配置:: write（'Session'，array（'defaults' =>'php'，'ini'=> array（'session.cookie_secure'=> true ） 请注意，我也尝试强制SSL CakePHP中默认的.htaccess文件是 < IfModule mod_rewrite.c> RewriteEngine on RewriteRule ^ $ app / webroot / [L] RewriteRule（。*）app / webroot / $ 1 [L] < / IfModule> 我试图添加： RewriteCond％{SERVER_PORT} 80 RewriteRule ^（。*）$ https://www.example.com/$1 [R，L] 解决方案最后，我选择的解决方案是： 正在删除/app/webroot/.htaccess和/app/.htaccess 修改/.htaccess到 .htaccess ---> RewriteEngine on RewriteCond％{SERVER_PORT}！^ 443 $ RewriteRule。* https：//％{SERVER_NAME}％{REQUEST_URI} [R，L] 在Cake中禁用网址重写 core.php ---> .baseUrl'，env（'SCRIPT_NAME'））; 现在可通过 hxxps：// www.mysite.com/index.php/controller/action I'd like to implement HTTPS for all pages.I use CakePHP 2.3 with the "Auth" component.Actually the only one way I found is to add a "beforeFilter-condition".But this is very dirty because I have a lot of "not-SSL" requests because of Auth-Component.AppController.php --->class AppController extends Controller { public function beforeFilter() { if (env("SERVER_PORT") != "443") { $this->Security->blackHoleCallback = 'forceSSL'; $this->Security->requireSecure(); } } public function forceSSL() { $this->redirect('https://' . env('SERVER_NAME') . $this->here); }}The problem appears when I am not logged in and I try to access my websiteRequest --> Response (because of)GET hxxp://MYSITE/ --> 302 hxxps://MYSITE/ (beforeFilter-redirection)GET hxxps://MYSITE/ --> 302 hxxp://MYSITE/users/login (Auth component)GET hxxp://MYSITE/users/login --> 302 hxxps://MYSITE/users/login (beforeFilter-redirection)GET hxxps://MYSITE/users/login --> 200POST hxxps://MYSITE/users/login (with creds) --> 302 hxxp://MYSITE/ (Auth component)GET hxxp://MYSITE/ --> 302 hxxps://MYSITE/GET hxxps://MYSITE/ --> 200SO, do you know another way to do that.NB: I had to force secure my cookie in core.php because they weren't.core.php --->Configure::write('Session', array( 'defaults' => 'php', 'ini' => array( 'session.cookie_secure' => true )));Note that I also tried to force SSL by modifying .htaccess but all I get is infinite loop.EDIT :The default .htaccess in CakePHP is<IfModule mod_rewrite.c> RewriteEngine on RewriteRule ^$ app/webroot/ [L] RewriteRule (.*) app/webroot/$1 [L]</IfModule>What I tried to add :RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://www.example.com/$1 [R,L] 解决方案 Finally, the solution I chose was:Deleting /app/webroot/.htaccess and /app/.htaccessModifying /.htaccess to.htaccess --->RewriteEngine onRewriteCond %{SERVER_PORT} !^443$RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L]Disabling URL-Rewriting in Cakecore.php --->Configure::write('App.baseUrl', env('SCRIPT_NAME'));Now access is via hxxps://www.mysite.com/index.php/controller/action 这篇关于在CakePHP的SSL的最佳原则的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！