微信公众号 讲师中心
首页
文章
后端开发 web前端 数据库 开发工具 php框架 常见问题 科技 Java 系统教程 电脑教程 硬件教程 手机教程 软件教程 游戏教程 自媒体 新闻
专题
后端开发 web前端 数据库 开发工具 php框架 科技 Java 系统教程 电脑教程 硬件教程 手机教程 软件教程 游戏教程 新闻
AI工具
AI 聊天问答 Agent智能体 AI 文本写作 AI 绘画作图 AI 设计工具 AI 视频创作 AI 音频制作 AI 办公学习 AI 编程开发 Prompt指令
学习
大前端 后端开发 数据库 移动端 运维开发 计算机基础
编程手册
大前端 后端开发 数据库 移动端 运维开发 计算机基础
下载
js特效 网站源码 工具下载 类库下载 网站素材 学习资源 插件扩展 手机/移动开发 手机游戏
搜索
后端开发 web前端 数据库 开发工具 php框架 常见问题 科技 Java 系统教程 电脑教程 硬件教程 手机教程 软件教程 游戏教程
自媒体 新闻
首页 > php教程 > php手册 > 正文

HTTP/HTTPS, without index.php, using htaccess, plus XHR

php中文网
发布: 2016-06-06 19:54:04
原创
4569人浏览过

Removing index.php and forcing HTTP/HTTPS I have read many posts about people trying to force HTTPS for some views and returning to HTTP for others. I struggled with this for a while too but I think this solution is pretty solid. First of

removing index.php and forcing http/https

I have read many posts about people trying to force HTTPS for some views and returning to HTTP for others. I struggled with this for a while too but I think this solution is pretty solid.

First of all, having your base_url automatically adjust between http and https makes everything much easier. This way all your base_url() and site_url() calls have the proper protocol.

<span><span>$config[</span><span>'base_url'</span><span>] </span><span>= </span><span>"http"</span><span>.((isset(</span><span>$_SERVER[</span><span>'HTTPS'</span><span>]</span><span>) && </span><span>$_SERVER[</span><span>'HTTPS'</span><span>] </span><span>== </span><span>"on"</span><span>) ? </span><span>"s" </span><span>: </span><span>""</span><span>).</span><span>"://"</span><span>.</span><span>$_SERVER[</span><span>'HTTP_HOST'</span><span>]</span><span>.</span><span>str_replace</span><span>(</span><span>basename</span><span>(</span><span>$_SERVER[</span><span>'SCRIPT_NAME'</span><span>]</span><span>),</span><span>""</span><span>,</span><span>$_SERVER[</span><span>'SCRIPT_NAME'</span><span>]</span><span>); </span></span>

Starting with the usual htaccess file:

<span><span><span>IfModule mod_rewrite</span><span>.</span><span>c</span><span>><br>     </span><span>RewriteEngine on<br>     Options </span><span>+</span><span>FollowSymLinks<br>     RewriteBase </span><span>/<br>     <br>     </span><span>RewriteCond </span><span>%</span><span>{REQUEST_FILENAME} </span><span>!-</span><span>f<br>     RewriteCond </span><span>%</span><span>{REQUEST_FILENAME} </span><span>!-</span><span>d<br>     RewriteRule </span><span>^(.*)$ </span><span>index</span><span>.</span><span>php</span><span>/$</span><span>1<br></span><span></span><span>IfModule</span><span>><br><br><span>IfModule </span><span>!</span><span>mod_rewrite</span><span>.</span><span>c</span><span>><br>     </span><span>ErrorDocument 404 </span><span>/</span><span>index</span><span>.</span><span>php<br></span><span></span><span>IfModule</span><span>> </span></span></span></span>

You can then check whether HTTPS is on or not with:

立即学习PHP免费学习笔记(深入)”;

<span><span>RewriteCond </span><span>%</span><span>{HTTPS} off<br> RewriteCond </span><span>%</span><span>{HTTPS} on </span></span>

For example, to force HTTPS on all pages you could use the following:

<span><span>RewriteCond </span><span>%</span><span>{HTTPS} off<br> RewriteRule </span><span>^(.*)$ </span><span>https</span><span>:</span><span>//%{SERVER_NAME}%{REQUEST_URI} [R=301] </span></span>

To force HTTPS on some pages:

<span><span>RewriteCond </span><span>%</span><span>{HTTPS} off<br> RewriteCond </span><span>%</span><span>{REQUEST_URI} </span><span>(</span><span>auth</span><span>|</span><span>register</span><span>|</span><span>secure</span><span>)<br></span><span>RewriteRule </span><span>^(.*)$ </span><span>https</span><span>:</span><span>//%{SERVER_NAME}%{REQUEST_URI} [R=301] </span></span>

To return back to HTTP:

<span><span>RewriteCond </span><span>%</span><span>{HTTPS} on<br> RewriteRule </span><span>^(.*)$ </span><span>http</span><span>:</span><span>//%{SERVER_NAME}%{REQUEST_URI} [R=301] </span></span>

To return back to HTTP on all other pages, you need to add exceptions for the pages that are secure:

IS上启用Gzip压缩(HTTP压缩) 详解
IS上启用Gzip压缩(HTTP压缩) 详解

IS上启用Gzip压缩(HTTP压缩) 详解

IS上启用Gzip压缩(HTTP压缩) 详解 352
查看详情 IS上启用Gzip压缩(HTTP压缩) 详解

<span><span>RewriteCond </span><span>%</span><span>{HTTPS} off<br> RewriteCond </span><span>%</span><span>{REQUEST_URI} </span><span>(</span><span>auth</span><span>|</span><span>register</span><span>|</span><span>secure</span><span>)<br></span><span>RewriteRule </span><span>^(.*)$ </span><span>https</span><span>:</span><span>//%{SERVER_NAME}%{REQUEST_URI} [R=301]<br><br></span><span>RewriteCond </span><span>%</span><span>{HTTPS} on<br> RewriteCond </span><span>%</span><span>{REQUEST_URI} </span><span>!(</span><span>auth</span><span>|</span><span>register</span><span>|</span><span>secure</span><span>)<br></span><span>RewriteRule </span><span>^(.*)$ </span><span>http</span><span>:</span><span>//%{SERVER_NAME}%{REQUEST_URI} [R=301] </span></span>

To avoid a partially encrypted page, you need to add exceptions for any other URIs you might use such as your images or scripts folder. I like to place everything in a folder called ‘static’ (‘static/images’, ‘static/js’, etc) so I only add one exception for that.

<span><span>RewriteCond </span><span>%</span><span>{REQUEST_URI} </span><span>!(static|</span><span>auth</span><span>|</span><span>register</span><span>|</span><span>secure</span><span>) </span></span>

The finished product:

<span><span><span>IfModule mod_rewrite</span><span>.</span><span>c</span><span>><br>     </span><span>RewriteEngine on<br>     Options </span><span>+</span><span>FollowSymLinks<br>     RewriteBase </span><span>/<br>     <br>     </span><span>RewriteCond </span><span>%</span><span>{REQUEST_FILENAME} </span><span>!-</span><span>f<br>     RewriteCond </span><span>%</span><span>{REQUEST_FILENAME} </span><span>!-</span><span>d<br>     RewriteRule </span><span>^(.*)$ </span><span>index</span><span>.</span><span>php</span><span>/$</span><span>1<br><br>     RewriteCond </span><span>%</span><span>{HTTPS} off<br>     RewriteCond </span><span>%</span><span>{REQUEST_URI} </span><span>(</span><span>auth</span><span>|</span><span>register</span><span>|</span><span>secure</span><span>)<br>     </span><span>RewriteRule </span><span>^(.*)$ </span><span>https</span><span>:</span><span>//%{SERVER_NAME}%{REQUEST_URI} [R=301]<br><br>     </span><span>RewriteCond </span><span>%</span><span>{HTTPS} on<br>     RewriteCond </span><span>%</span><span>{REQUEST_URI} </span><span>!(static|</span><span>auth</span><span>|</span><span>register</span><span>|</span><span>secure</span><span>)<br>     </span><span>RewriteRule </span><span>^(.*)$ </span><span>http</span><span>:</span><span>//%{SERVER_NAME}%{REQUEST_URI} [R=301]<br></span><span></span><span>IfModule</span><span>><br><br><span>IfModule </span><span>!</span><span>mod_rewrite</span><span>.</span><span>c</span><span>><br>     </span><span>ErrorDocument 404 </span><span>/</span><span>index</span><span>.</span><span>php<br></span><span></span><span>IfModule</span><span>> </span></span></span></span>


HTTPS and XmlHttpRequests (Ajax)

Not only do XHR calls throw security errors when you try to load content between domains but also between HTTP and HTTPS. Secondly, the headers passed by apache allow browsers to automatically redirect but the XmlHttpRequest object does not.

To solve this you would have to add an exception for any URI that you planned on accessing from one protocol to another.

Example:

<span><span>RewriteCond </span><span>%</span><span>{REQUEST_URI} </span><span>!(static|</span><span>auth</span><span>|</span><span>register</span><span>|</span><span>secure</span><span>|</span><span>categories</span><span>/</span><span>get_list</span><span>|</span><span>products</span><span>/</span><span>get_types</span><span>)<br><br></span><span></span><span>=</span><span>site_url</span><span>(</span><span>'categories/get_list'</span><span>);</span><span>?> </span></span>

I quickly found out that this became tedious and confusing when I had a lot of requests in a secure environment. Routes to the rescue!

By adding the following to your routes file:

<span><span>$route[</span><span>'xhr/(:any)'</span><span>] </span><span>= </span><span>'$1'</span><span>; </span></span>

And adding ‘xhr’ to your list of exceptions; you can now call any URI within your application without changing protocols while still allowing the browser to view that controller using another protocol.

<span><span>RewriteCond </span><span>%</span><span>{REQUEST_URI} </span><span>!(static|</span><span>xhr</span><span>|</span><span>auth</span><span>|</span><span>register</span><span>|</span><span>secure</span><span>)<br><br></span><span></span><span>=</span><span>site_url</span><span>(</span><span>'xhr/categories/get_list'</span><span>);</span><span>?> </span></span>

I hope this has been helpful!

Phil

大家都在看:

PHP速学教程(入门到精通)
PHP速学教程(入门到精通)

PHP怎么学习?PHP怎么入门?PHP在哪学?PHP怎么学才快?不用担心,这里为大家提供了PHP速学教程(入门到精通),有需要的小伙伴保存下载就能学习啦!

下载
来源:php中文网
收藏 点赞
上一篇:使用EaglePHP打造自己的网站(非PHP程序员的菜鸟使用手册) 下一篇:PHP中日期加减方法
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系admin@php.cn
最新问题
在python的开发过程中如何进行单链表的实现(代码) 本文介绍了如何实现单链表,希望大家耐心学习。
2018-09-15 09:33:11
11046
如何理解Elasticsearch单机双节点集群部署 这篇文章,我们还是做些基础的学习,在Elasticsearch如何进行CRUD。
2018-09-14 16:03:42
12871
如何理解关于memset函数 本文介绍了如何理解关于memset函数 ,希望大家耐心学习。
2018-09-14 15:27:49
5389
启动页进入时有短暂黑屏或白屏现象的终极解决方案 irontec 推出了一个开源项目 PHP for Android (PFA),把php带到Android平台上。现在我们来介绍一下。
2018-09-14 15:13:15
5474
如何把WebStorm上传代码到Git ​我是一名前端开发工程师。大概1年前开始使用webstorm这个编辑器,今天向大家介绍一下这个软件。
2018-09-14 14:49:20
6306
分布式系统唯一ID生成方案汇总 系统唯一ID是我们在设计一个系统的时候常常会遇见的问题,也常常为这个问题而纠结。生成ID的方法有很多,适应不同的场景、需求以及性能要求。所以有些比较复杂的系统会有多个ID生成的策略。下面就介绍一些常见的ID生成策略。
2018-09-14 13:39:20
5912
如何在远程过程调用(RPC) HTTP请求式 做过Socket编程的人都知道,当我们设计一个通信协议时,“消息头/消息体”的分割方式是很常用的,消息头告诉对方这个消息是干什么的,消息体告诉对方怎么干。
2018-09-14 11:44:18
4513
Visual Studio Code中安装go语言插件 PHP入门之语句,包括if语句、while语句、go语句,供PHP初学者参考。
2018-09-14 11:38:24
5295
详解Sublime Text 2 代码编辑器或者文本编辑器,对于程序员来说,就像剑与战士一样,谁都想拥有一把可以随心驾驭且锋利无比的宝剑,而每一位程序员,同样会去追求最适合自己的强大、灵活的编辑器,相信你和我一样,都不会例外。我用过的编辑器不少,真不少~ 但却没有哪款让我特别心仪的,直到我遇到了 Sublime Text 2 !如果说“神器”是我能给予一款软件最高的评价,那么我很乐意为它封上这么一个称号。它小巧绿色且速度非常快
2018-06-11 16:24:34
2886
用CSS实现的一张图完成的按钮实例 用CSS实现的一张图完成的导航条ul,li{ list-style:non...
2018-05-09 20:23:31
2381
相关专题
更多>
热门推荐
开源免费商场系统广告
热门教程
更多>
相关推荐
热门推荐
最新课程
最新下载
更多>
网站特效
网站源码
网站素材
前端模板
关于我们 免责申明 举报中心 意见反馈 讲师合作 广告合作 最新更新 English
php中文网:公益在线php培训,帮助PHP学习者快速成长!
关注服务号 技术交流群
PHP中文网订阅号
每天精选资源文章推送
PHP中文网APP
随时随地碎片化学习

Copyright 2014-2025 https://www.php.cn/ All Rights Reserved | php.cn | 湘ICP备2023035733号

  • PHP学习

  • 技术支持

  • 返回顶部