This class offers a range of ready-made headers.
- Instantiation
Content_TypeContent_LengthContent_Disposition_AttachmentContent_Type_application_downloadContent_Type_application_force_downloadContent_Type_application_octet_streamContent_Description_File_TransferAccess_Control_Allow_OriginCache_ControlLocationExpiresEtagLast_ModifiedSet_CookieRefreshWWW_AuthenticateRetry_AfterContentSecurityPolicyX_Accel_Buffering- Examples
Header::init();almost all methods are fluent, which allows you to combine the methods; see Examples
public function Content_Type(string $sType = '') : Header
Header::init()->Content_Type(\MVC\Media\Type_Application_json::DESCRIPTION);alternatively, you can also send the Content_Type header via a media type class \MVC\Media\Type*
\MVC\Media\Type_Application_json::header();public function Content_Length(int $iFilesize = 0) : Header
Header::init()->Content_Length(12345);public function Content_Disposition_Attachment(string $sFilename = '') : Header
Header::init()->Content_Disposition_Attachment('Document.md');public function Content_Type_application_download() : Header
Header::init()->Content_Type_application_download();public function Content_Type_application_force_download() : Header
Header::init()->Content_Type_application_force_download();public function Content_Type_application_octet_stream() : Header
Header::init()->Content_Type_application_octet_stream();public function Content_Description_File_Transfer() : Header
Header::init()->Content_Description_File_Transfer();public function Access_Control_Allow_Origin(string $sOrigin = '*') : Header
Header::init()->Access_Control_Allow_Origin(null);see developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
public function Cache_Control(EnumHttpHeaderCacheControl | array $mEnumCacheControl) : Header
Header::init()->Cache_Control(\MVC\Enum\EnumCacheControl::NoCache);Header::init()->Cache_Control(array(
\MVC\Enum\EnumCacheControl::NoCache,
\MVC\Enum\EnumCacheControl::MustRevalidate)
);public function Location(string $sLocation = '', bool $bReplace = true, int $iResponseCode = 302, bool $bExit = true) : void
Header::init()->Location('/404/');public function Expires(int $iExpireSeconds = 0) : Header
Header::init()->Expires(iExpireSeconds: (60 * 60 * 24)); # +1 day (future)Header::init()->Expires(iExpireSeconds: -(60 * 60 * 24)); # -1 day (past)Entity Tag
public function Etag(string $sEtag = '""') : Header
Header::init()->Etag('"xyzzy"');see datatracker.ietf.org/doc/html/rfc7232#section-2.3
public function Last_Modified(int $iUnixTimestamp = 0) : Header
Header::init()->Last_Modified(
new \DateTime("1 day ago")->getTimestamp()
);public function Set_Cookie(string $sName, string $sValue, int $iExpireUnixTimestamp = 0, string $sPath = '/', string $sDomain = '', string $sSameSite = '', bool $bSecure = false, bool $bHttpOnly = false) : Header
Header::init()->Set_Cookie(
sName: 'Name',
sValue: 'value',
iExpireUnixTimestamp: new \DateTime("+ 1 day")->getTimestamp(),
sPath: '/',
sSameSite: 'None; Partitioned',
bSecure: true,
bHttpOnly: true
);public function Refresh(int $iRefreshSeconds = 0, string $sUrl = '') : void
Header::init()->Refresh(
iRefreshSeconds: 3,
sUrl: '/'
);Only the "Basic" authentication method is supported. See the header() function for more information (see www.php.net/manual/de/function.header.php.
user and password are stored in
$_SERVER['PHP_AUTH_USER']$_SERVER['PHP_AUTH_PW'].
Be aware this is state-less.
see www.php.net/manual/en/features.http-auth.php
public function WWW_Authenticate(string $sBasicRealm = 'Authentication', string $sAuthUser = '', string $sAuthPassword = '')
Header::init()->WWW_Authenticate(
sBasicRealm: 'Authentication',
sAuthUser: 'foo', // required user
sAuthPassword: 'bar' // required password
);public function Retry_After(int $iValue = 0, EnumHttpHeaderRetryAfter $eEnumRetryAfter = EnumHttpHeaderRetryAfter::UnixTimestamp) : Header
Header::init()->Retry_After(
iValue: 300,
eEnumRetryAfter: \MVC\Enum\EnumHttpHeaderRetryAfter::RetryAfterSeconds
);sets CSP ("Content Security Policy") HTTP Header.
public function ContentSecurityPolicy(array $aCSP = array()) : Header
Header::init()->ContentSecurityPolicy();- if Argument
aCSPis empty, the method tries to read the configuration array fromConfig::MODULE()['CSP'].
For more Information about Content Security Policy see content-security-policy.com
public function X_Accel_Buffering(string $sStatus = 'no') : Header
Header::init()->X_Accel_Buffering();
Header::init()->X_Accel_Buffering(sStatus: 'no');Header::init()
->Content_Disposition_Attachment('robots.txt')
->Content_Type_application_force_download()
->Content_Type_application_octet_stream()
->Content_Type_application_download()
->Content_Description_File_Transfer()
->Content_Length(filesize('/var/www/html/public/robots.txt'))
;
echo file_get_contents('/var/www/html/public/robots.txt');in the controller method you want to protect, place the following code
/**
* @param \MVC\DataType\DTRequestIn $oDTRequestIn
* @param \MVC\DataType\DTRoute $oDTRoute
* @return void
* @throws \ReflectionException
*/
public function index(DTRequestIn $oDTRequestIn, DTRoute $oDTRoute)
{
Header::init()->WWW_Authenticate(
sBasicRealm: 'Authentication',
sAuthUser: 'foo', // required user
sAuthPassword: 'bar' // required password
);
view()->autoAssign();
}