Version 5 supported

Built-in middleware

Silverstripe CMS has a number of Middleware components. Some of them are listed here. Many of them are in the SilverStripe\Control\Middleware namespace.

AllowedHostsMiddlewareSecures requests by only allowing a whitelist of Host values
AuthenticationMiddlewareHandles authentication for the request
CanonicalURLMiddlewareURL normalisation and redirection
ChangeDetectionMiddlewareChange detection via Etag / IfModifiedSince headers, conditionally sending a 304 not modified if possible.
ConfirmationMiddlewareChecks whether user manual confirmation is required for HTTPRequest
DevelopmentAdminConfirmationMiddlewareA specific subclass of ConfirmationMiddleware which handles the /dev/* routes.
ExecMetricMiddlewareDisplay execution metrics in DEV mode
FlushMiddlewareTriggers a call to flush() on all Flushable implementors
HTTPCacheControlMiddlewareControls HTTP response cache headers
PasswordExpirationMiddlewareCheck if authenticated user has password expired
RateLimitMiddlewareAccess throttling, controls HTTP Retry-After header
SessionMiddlewarePHP Session initialisation
TrustedProxyMiddlewareRewrites headers that provide IP and host details from upstream proxies
URLSpecialsMiddlewareControls some of the URL special variables