1

I have to use HTTPS for only single page in symfony2 app. I've tried like

security.yml

- { path: ^/payment, roles: ROLE_USER, requires_channel: https }

It works good but when i navigate to other pages from /payment page its stays same in HTTPS instead of HTTP. I've also tried something from sonata admin controller like:

PaymentAdmin.php

$collection
        ->add('makePayment', 'payment/{paymentId}',$options = array('_scheme' => 'https'));

but the same problem.simply i just want to use HTTPS only for /payment page not for other pages.how can i solve this issue.

Kathirvel Shanmugasundaram
  • 153
  • 1
  • 1
  • 11

1 Answers1

2

You could try adding regexp start notation "^" to your path like this "^/payment" which should state that routes which start with /payment should be in "https".

{ path: ^/payment, roles: ROLE_USER, requires_channel: https }

The example in http://symfony.com/doc/current/cookbook/security/force_https.html also shows that.

antanas_sepikas
  • 5,644
  • 4
  • 36
  • 67
  • You also could try adding "$" to end of path like this ^/payment$ which then should work only form route /payment and not it's sub routes. – antanas_sepikas Jul 10 '14 at 08:12
  • yes, i did the same but my problem is my whole site is using **http** if once i visit /payment page it changed to **https** and never revert back to **http**. i just want **https** for /payment page. – Kathirvel Shanmugasundaram Jul 10 '14 at 09:02
  • Have you tried adding { path: ^/, roles: ROLE_USER, requires_channel: http } this should enforce http on all routes and if you leave https settings for /payment, it should switch when moving between /payment and the rest of the site. – antanas_sepikas Jul 10 '14 at 09:19
  • You could also try enforcing https for controller when defining route by adding schemes: [https] option. – antanas_sepikas Jul 10 '14 at 09:24
  • yes,i have tried like, adding { path: ^/, roles: ROLE_USER, requires_channel: http } in security.yml and then add routing option as schemes: https in controller but controller option doesn't override security.yml option. – Kathirvel Shanmugasundaram Jul 10 '14 at 09:26
  • 1
    if you defined you options in this order : { path: ^/payment, roles: ROLE_USER, requires_channel: https } { path: ^/, roles: ROLE_USER, requires_channel: http } , you may try switch them like this { path: ^/, roles: ROLE_USER, requires_channel: http } { path: ^/payment, roles: ROLE_USER, requires_channel: https }, thought not sure if that will help, but ordering sometimes is really important. at least in routing. – antanas_sepikas Jul 10 '14 at 09:31
  • Thanks @sepikas it's works fine with minor change in path pattern. i've used used **/payment** instead of **^/payment** – Kathirvel Shanmugasundaram Jul 11 '14 at 10:26