Filters
extends Filters
in package
Table of Contents
Properties
- $aliases : array<string, class-string|array<int, class-string>>
- Configures aliases for Filter classes to make reading things nicer and simpler.
- $filters : array<string, array<string, array<int, string>>>
- List of filter aliases that should run on any before or after URI patterns.
-
$globals
: array{before: array
, after: array } - List of filter aliases that are always applied before and after every request.
- $methods : array<string, array<int, string>>
- List of filter aliases that works on a particular HTTP method (GET, POST, etc.).
-
$required
: array{before: list
, after: list } - List of special required filters.
Properties
$aliases
Configures aliases for Filter classes to make reading things nicer and simpler.
public
array<string, class-string|array<int, class-string>>
$aliases
= ['csrf' => \CodeIgniter\Filters\CSRF::class, 'toolbar' => \CodeIgniter\Filters\DebugToolbar::class, 'honeypot' => \CodeIgniter\Filters\Honeypot::class, 'invalidchars' => \CodeIgniter\Filters\InvalidChars::class, 'secureheaders' => \CodeIgniter\Filters\SecureHeaders::class, 'cors' => \CodeIgniter\Filters\Cors::class, 'forcehttps' => \CodeIgniter\Filters\ForceHTTPS::class, 'pagecache' => \CodeIgniter\Filters\PageCache::class, 'performance' => \CodeIgniter\Filters\PerformanceMetrics::class]
[filter_name => classname] or [filter_name => [classname1, classname2, ...]]
$filters
List of filter aliases that should run on any before or after URI patterns.
public
array<string, array<string, array<int, string>>>
$filters
= []
Example: 'isLoggedIn' => ['before' => ['account/', 'profiles/']]
$globals
List of filter aliases that are always applied before and after every request.
public
array{before: array|string}>|list, after: array|string}>|list}
$globals
= ['before' => [], 'after' => []]
$methods
List of filter aliases that works on a particular HTTP method (GET, POST, etc.).
public
array<string, array<int, string>>
$methods
= []
Example: 'POST' => ['foo', 'bar']
If you use this, you should disable auto-routing because auto-routing permits any HTTP method to access a controller. Accessing the controller with a method you don't expect could bypass the filter.
$required
List of special required filters.
public
array{before: list, after: list}
$required
= ['before' => [
'forcehttps',
// Force Global Secure Requests
'pagecache',
], 'after' => [
'pagecache',
// Web Page Caching
'performance',
// Performance Metrics
'toolbar',
]]
The filters listed here are special. They are applied before and after other kinds of filters, and always applied even if a route does not exist.
Filters set by default provide framework functionality. If removed, those functions will no longer work.