-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Route httpOnly #1689
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Commit that introduced the dysfonction.
3b179df#diff-f006d8a8efa02d74816ed58cff7bbf82
Actual Behaviour
Routes declared with or without "https" option are always returned by the router as https:// instead of https://
Illuminate\Routing\RouteUrlGenerator->getRouteScheme
if $route->httpOnly() return true it return 'https://'.
But Dingo\Api\Routing\Route->httpOnly
will always return true and tell to create uri starting with https:// instead of https://
It breaks all tests which assert that uri are returned with the corresponding https option when they are run from a local computer or a CICD which don't use ssl/https server.
Expected Behaviour
Option "https" must force https:// even if the request is not in secure mode.
So
httpOnly()
should not return true when "https" is used on routes.When we put 'https' or 'https'=>true it force the secure mode so as to always return https uri in transformers.
Steps to Reproduce
Create a route with 'https' or 'https'=>true option
From a controller ask to create an uri from the router.
app('Dingo\Api\Routing\UrlGenerator')->version('v1')->route('products.show', 0208006)
it returns
https://localhost/api/products/0208006
instead ofhttps://localhost/api/products/0208006
Possible Solutions
Revert this commit
3b179df#diff-f006d8a8efa02d74816ed58cff7bbf82
And applies it on httpsOnly/secure method.
The text was updated successfully, but these errors were encountered: