5
use CodeIgniter\Config\Filters as BaseFilters;
6
use CodeIgniter\Filters\Cors;
7
use CodeIgniter\Filters\CSRF;
8
use CodeIgniter\Filters\DebugToolbar;
9
use CodeIgniter\Filters\ForceHTTPS;
10
use CodeIgniter\Filters\Honeypot;
11
use CodeIgniter\Filters\InvalidChars;
12
use CodeIgniter\Filters\PageCache;
13
use CodeIgniter\Filters\PerformanceMetrics;
14
use CodeIgniter\Filters\SecureHeaders;
16
class Filters extends BaseFilters
19
* Configures aliases for Filter classes to
20
* make reading things nicer and simpler.
22
* @var array<string, class-string|list<class-string>>
24
* [filter_name => classname]
25
* or [filter_name => [classname1, classname2, ...]]
27
public array $aliases = [
28
'csrf' => CSRF::class,
29
'toolbar' => DebugToolbar::class,
30
'honeypot' => Honeypot::class,
31
'invalidchars' => InvalidChars::class,
32
'secureheaders' => SecureHeaders::class,
33
'cors' => Cors::class,
34
'forcehttps' => ForceHTTPS::class,
35
'pagecache' => PageCache::class,
36
'performance' => PerformanceMetrics::class,
40
* List of special required filters.
42
* The filters listed here are special. They are applied before and after
43
* other kinds of filters, and always applied even if a route does not exist.
45
* Filters set by default provide framework functionality. If removed,
46
* those functions will no longer work.
48
* @see https://codeigniter.com/user_guide/incoming/filters.html#provided-filters
50
* @var array{before: list<string>, after: list<string>}
52
public array $required = [
54
'forcehttps', // Force Global Secure Requests
55
'pagecache', // Web Page Caching
58
'pagecache', // Web Page Caching
59
'performance', // Performance Metrics
60
'toolbar', // Debug Toolbar
65
* List of filter aliases that are always
66
* applied before and after every request.
68
* @var array<string, array<string, array<string, string>>>|array<string, list<string>>
70
public array $globals = [
83
* List of filter aliases that works on a
84
* particular HTTP method (GET, POST, etc.).
87
* 'POST' => ['foo', 'bar']
89
* If you use this, you should disable auto-routing because auto-routing
90
* permits any HTTP method to access a controller. Accessing the controller
91
* with a method you don't expect could bypass the filter.
93
* @var array<string, list<string>>
95
public array $methods = [];
98
* List of filter aliases that should run on any
99
* before or after URI patterns.
102
* 'isLoggedIn' => ['before' => ['account/*', 'profiles/*']]
104
* @var array<string, array<string, list<string>>>
106
public array $filters = [];