Allow forcing SSL for every page via the force_ssl parameter

app/AppKernel.php

@@ -25,6 +25,7 @@ class AppKernel extends Kernel
             new Packagist\WebBundle\PackagistWebBundle(),
             new WhiteOctober\PagerfantaBundle\WhiteOctoberPagerfantaBundle(),
             new Nelmio\SolariumBundle\NelmioSolariumBundle(),
+            new Nelmio\SecurityBundle\NelmioSecurityBundle(),
         );
 
         if (in_array($this->getEnvironment(), array('dev', 'test'))) {

app/config/config.yml

@@ -17,6 +17,7 @@ framework:
         name:           packagist
         lifetime:       3600
 
+
 # Twig Configuration
 twig:
     debug:            %kernel.debug%

app/config/config_prod.yml

@@ -16,3 +16,15 @@ monolog:
             type:  stream
             path:  %kernel.logs_dir%/%kernel.environment%.log
             level: debug
+
+framework:
+    session:
+        secure:         %force_ssl%
+
+nelmio_security:
+    clickjacking:
+        paths:
+            '^/.*': DENY
+    forced_ssl:
+        enabled: %force_ssl%
+        hsts_max_age: 2592000 # 30 days

app/config/parameters.yml.dist

@@ -27,3 +27,5 @@ parameters:
 
     github.client_id:
     github.client_secret:
+
+    force_ssl: false

composer.json

@@ -42,6 +42,7 @@
         "friendsofsymfony/user-bundle": "2.0.*",
         "hwi/oauth-bundle": "dev-master",
         "nelmio/solarium-bundle": "dev-master",
+        "nelmio/security-bundle": "dev-master",
         "predis/predis": "0.7.*",
         "snc/redis-bundle": "dev-master",
         "white-october/pagerfanta-bundle": "dev-master",

composer.lock

@@ -1,5 +1,5 @@
 {
-    "hash": "ba9c0437196577b6006030095f3a42d9",
+    "hash": "31cfbd428dcd9c7da7d44c1d5ffebc57",
     "packages": [
         {
             "name": "composer/composer",
@@ -966,6 +966,51 @@
                 "logging"
             ]
         },
+        {
+            "name": "nelmio/security-bundle",
+            "version": "dev-master",
+            "target-dir": "Nelmio/SecurityBundle",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/nelmio/NelmioSecurityBundle",
+                "reference": "95bbc09e1b18bd2f1dceae6789af97fcd232a4cb"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://github.com/nelmio/NelmioSecurityBundle/zipball/95bbc09e1b18bd2f1dceae6789af97fcd232a4cb",
+                "reference": "95bbc09e1b18bd2f1dceae6789af97fcd232a4cb",
+                "shasum": ""
+            },
+            "require": {
+                "symfony/framework-bundle": "2.*",
+                "symfony/security": "2.*"
+            },
+            "time": "1349439945",
+            "type": "symfony-bundle",
+            "installation-source": "source",
+            "autoload": {
+                "psr-0": {
+                    "Nelmio\\SecurityBundle": ""
+                }
+            },
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Nelmio",
+                    "homepage": "http://nelm.io"
+                },
+                {
+                    "name": "Symfony Community",
+                    "homepage": "https://github.com/nelmio/NelmioSecurityBundle/contributors"
+                }
+            ],
+            "description": "Extra security-related features for Symfony2",
+            "keywords": [
+                "security"
+            ]
+        },
         {
             "name": "nelmio/solarium-bundle",
             "version": "dev-master",
@@ -2115,6 +2160,7 @@
         "composer/composer": 20,
         "hwi/oauth-bundle": 20,
         "nelmio/solarium-bundle": 20,
+        "nelmio/security-bundle": 20,
         "snc/redis-bundle": 20,
         "white-october/pagerfanta-bundle": 20
     }

src/Packagist/WebBundle/Controller/ApiController.php

@@ -44,15 +44,10 @@ class ApiController extends Controller
 
         $em = $this->get('doctrine')->getEntityManager();
 
-        $filters = array(
-            'type' => $req->query->get('type'),
-            'tag' => $req->query->get('tag'),
-        );
-
         gc_enable();
 
         $packages = $em->getRepository('Packagist\WebBundle\Entity\Package')
-            ->getFullPackages(null, $filters);
+            ->getFullPackages();
 
         $notifyUrl = $this->generateUrl('track_download', array('name' => 'VND/PKG'));
 

src/Packagist/WebBundle/Package/Dumper.php

@@ -198,14 +198,14 @@ class Dumper
         }
 
         // prepare root file
-        $rootFile = $buildDir.'/packages_root.json';
+        $rootFile = $buildDir.'/packages.json';
         $this->loadFile($rootFile);
-        if (!isset($this->files['packages_root.json']['packages'])) {
-            $this->files['packages_root.json']['packages'] = array();
+        if (!isset($this->files['packages.json']['packages'])) {
+            $this->files['packages.json']['packages'] = array();
         }
         $url = $this->router->generate('track_download', array('name' => 'VND/PKG'));
-        $this->files['packages_root.json']['notify'] = str_replace('VND/PKG', '%package%', $url);
-        $this->files['packages_root.json']['providers'] = '/p/%package%.json';
+        $this->files['packages.json']['notify'] = str_replace('VND/PKG', '%package%', $url);
+        $this->files['packages.json']['providers'] = '/p/%package%.json';
 
         if ($verbose) {
             echo 'Dumping complete files'.PHP_EOL;
@@ -214,7 +214,7 @@ class Dumper
         // dump files to build dir
         foreach ($modifiedFiles as $file => $dummy) {
             $this->dumpFile($buildDir.'/'.$file);
-            $this->files['packages_root.json']['includes'][$file] = array('sha1' => sha1_file($buildDir.'/'.$file));
+            $this->files['packages.json']['includes'][$file] = array('sha1' => sha1_file($buildDir.'/'.$file));
         }
         $this->dumpFile($rootFile);