2 Catalyst::Plugin::RequireSSL - Force SSL mode on select pages
5 use Catalyst 'RequireSSL';
7 MyApp->config->{require_ssl} = {
8 https => 'secure.mydomain.com',
9 http => 'www.mydomain.com',
16 Use this plugin if you wish to selectively force SSL mode on some of
17 your web pages, for example a user login form or shopping cart.
19 Simply place $c->require_ssl calls in any controller method you wish to
22 This plugin will automatically disable itself if you are running under
23 the standalone HTTP::Daemon Catalyst server. A warning message will be
24 printed to the log file whenever an SSL redirect would have occurred.
27 If you utilize different servers or hostnames for non-SSL and SSL
28 requests, and you rely on a session cookie to determine redirection (i.e
29 for a login page), your cookie must be visible to both servers. For more
30 information, see the documentation for the Session plugin you are using.
33 Configuration is optional. You may define the following configuration
38 If your SSL domain name is different from your non-SSL domain, set this
43 If you have set the https value above, you must also set the hostname of
48 If you'd like your users to remain in SSL mode after visiting an
49 SSL-required page, you can set this option to 1. By default, users will
50 be redirected back to non-SSL mode as soon as possible.
54 Call require_ssl in any controller method you wish to be secured.
58 The browser will be redirected to the same path on your SSL server.
59 POST requests are never redirected.
62 Redirect back to non-SSL mode if necessary.
68 Generate the redirection URI.
71 When viewing an SSL-required page that uses static files served from the
72 Static plugin, the static files are redirected to the non-SSL path. It
73 may be possible to work around this by checking the referer protocol,
74 but currently there is no way to determine if a file being served is
77 For best results, always serve static files directly from your web
78 server without using the Static plugin.
84 Andy Grundman, "andy@hybridized.org"
87 This program is free software, you can redistribute it and/or modify it
88 under the same terms as Perl itself.