Secures requests by only allowing a whitelist of Host values

Implements the following URL normalisation rules

  • redirect basic auth requests to HTTPS
  • force WWW, redirect to the subdomain "www."
  • force SSL, redirect to https
  • force the correct path (with vs without trailing slash)

Handles internal change detection via etag / ifmodifiedsince headers, conditionally sending a 304 not modified if possible.

Checks whether user manual confirmation is required for HTTPRequest depending on the rules given.

Extends the PermissionAwareConfirmationMiddleware with checks for user permissions

Display execution metrics for the current request if in dev mode and execmetric is provided as a request variable.

Triggers a call to flush() on all implementors of Flushable.

Adds middleware support to an object.

Extends the ConfirmationMiddleware with checks for user permissions

Decorates a request handler with the HTTP Middleware pattern

This middleware will rewrite headers that provide IP and host details from an upstream proxy.

Check the request for the URL special variables.