silverstripe-framework/_config/requestprocessors.yml
2018-06-13 11:33:45 +12:00

59 lines
2.1 KiB
YAML

---
Name: requestprocessors
---
SilverStripe\Core\Injector\Injector:
SilverStripe\Control\Director:
# Note: Don't add 'class' config here, as it will affect ErrorDirector as well
properties:
Middlewares:
TrustedProxyMiddleware: '%$SilverStripe\Control\Middleware\TrustedProxyMiddleware'
AllowedHostsMiddleware: '%$SilverStripe\Control\Middleware\AllowedHostsMiddleware'
SessionMiddleware: '%$SilverStripe\Control\Middleware\SessionMiddleware'
RequestProcessorMiddleware: '%$SilverStripe\Control\RequestProcessor'
FlushMiddleware: '%$SilverStripe\Control\Middleware\FlushMiddleware'
HTTPCacheControleMiddleware: '%$SilverStripe\Control\Middleware\HTTPCacheControlMiddleware'
CanonicalURLMiddleware: '%$SilverStripe\Control\Middleware\CanonicalURLMiddleware'
SilverStripe\Control\Middleware\AllowedHostsMiddleware:
properties:
AllowedHosts: '`SS_ALLOWED_HOSTS`'
SilverStripe\Control\Middleware\TrustedProxyMiddleware:
properties:
TrustedProxyIPs: '`SS_TRUSTED_PROXY_IPS`'
SecurityRateLimitMiddleware:
class: SilverStripe\Control\Middleware\RateLimitMiddleware
properties:
ExtraKey: 'Security'
MaxAttempts: 10
Decay: 1
RateLimitedSecurityController:
class: SilverStripe\Control\Middleware\RequestHandlerMiddlewareAdapter
properties:
RequestHandler: '%$SilverStripe\Security\Security'
Middlewares:
- '%$SecurityRateLimitMiddleware'
---
Name: errorrequestprocessors
After:
- '#requestprocessors'
---
SilverStripe\Core\Injector\Injector:
# Note: If Director config changes, take note it will affect this config too
SilverStripe\Core\Startup\ErrorDirector: '%$SilverStripe\Control\Director'
---
Name: canonicalurls
---
SilverStripe\Core\Injector\Injector:
SilverStripe\Control\Middleware\CanonicalURLMiddleware:
properties:
ForceSSL: false
ForceWWW: false
---
Name: httpcache-dev
Only:
environment: dev
---
SilverStripe\Core\Injector\Injector:
SilverStripe\Control\Middleware\HTTPCacheControlMiddleware:
Properties:
Enabled: false