Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Issue #1833516 by Berdir, chx, catch, webchick: Add $settings for low-level configuration - move things out of .

8.0.x
catch 2013-01-07 11:45:26 +00:00
parent 1eae1771e3
commit 1f4c2cf30f
18 changed files with 285 additions and 174 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
core/authorize.php
View File

@ -12,7 +12,7 @@
* a multistep process. This script actually performs the selected operations
* without loading all of Drupal, to be able to more gracefully recover from
* errors. Access to the script is controlled by a global killswitch in
* settings.php ('allow_operations') and via the 'administer software
* settings.php ('allow_authorize_operations') and via the 'administer software
* updates' permission.
*
* There are helper functions for setting up an operation to run via this
@ -58,7 +58,7 @@ function authorize_access_denied_page() {
* TRUE if the current user can run authorize.php, and FALSE if not.
*/
function authorize_access_allowed() {
return config('system.authorize')->get('allow_operations') && user_access('administer software updates');
return settings()->get('allow_authorize_operations', TRUE) && user_access('administer software updates');
}
// *** Real work of the script begins here. ***

42
core/includes/bootstrap.inc
View File

@ -1,6 +1,7 @@
<?php
use Drupal\Component\Utility\NestedArray;
use Drupal\Component\Utility\Settings;
use Drupal\Core\DrupalKernel;
use Drupal\Core\Database\Database;
use Drupal\Core\DependencyInjection\ContainerBuilder;
@ -719,7 +720,7 @@ function drupal_settings_initialize() {
global $base_url, $base_path, $base_root, $script_path;
// Export these settings.php variables to the global namespace.
global $databases, $cookie_domain, $conf, $installed_profile, $update_free_access, $class_loader, $db_url, $db_prefix, $drupal_hash_salt, $is_https, $base_secure_url, $base_insecure_url, $config_directories;
global $databases, $cookie_domain, $conf, $installed_profile, $db_url, $db_prefix, $drupal_hash_salt, $is_https, $base_secure_url, $base_insecure_url, $config_directories;
$conf = array();
// Make conf_path() available as local variable in settings.php.
@ -727,6 +728,8 @@ function drupal_settings_initialize() {
if (is_readable(DRUPAL_ROOT . '/' . $conf_path . '/settings.php')) {
include_once DRUPAL_ROOT . '/' . $conf_path . '/settings.php';
}
require_once DRUPAL_ROOT . '/core/lib/Drupal/Component/Utility/Settings.php';
new Settings(isset($settings) ? $settings : array());
$is_https = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on';
if (isset($base_url)) {
@ -944,6 +947,20 @@ function drupal_get_filename($type, $name, $filename = NULL) {
}
}
/**
* Returns a setting.
*
* Settings can be set in settings.php in the $settings array and requested
* by this function. Settings should be used over configuration for read-only,
* possibly low bootstrap configuration that is environment specific.
*
* @return \Drupal\Component\Utility\Settings
* The settings object.
*/
function settings() {
return Settings::$singleton;
}
/**
* Loads the persistent variable table.
*
@ -1391,7 +1408,7 @@ function drupal_serve_page_from_cache(stdClass $cache) {
// response to reply to a subsequent request for a given URL without
// revalidation. If a Vary header has been set in hook_boot(), it is assumed
// that the module knows how to cache the page.
if (!isset($hook_boot_headers['vary']) && !config('system.performance')->get('cache.page.omit_vary_cookie')) {
if (!isset($hook_boot_headers['vary']) && !settings()->get('omit_vary_cookie')) {
header('Vary: Cookie');
}
@ -2120,7 +2137,7 @@ function drupal_bootstrap($phase = NULL, $new_phase = TRUE) {
break;
case DRUPAL_BOOTSTRAP_SESSION:
require_once DRUPAL_ROOT . '/' . variable_get('session_inc', 'core/includes/session.inc');
require_once DRUPAL_ROOT . '/' . settings()->get('session_inc', 'core/includes/session.inc');
drupal_session_initialize();
break;
@ -2311,7 +2328,7 @@ function _drupal_bootstrap_page_cache() {
require_once DRUPAL_ROOT . '/' . $include;
}
// Check for a cache mode force from settings.php.
if (variable_get('page_cache_without_database')) {
if (settings()->get('page_cache_without_database')) {
$cache_enabled = TRUE;
}
else {
@ -3016,12 +3033,12 @@ function ip_address() {
if (!isset($ip_address)) {
$ip_address = $_SERVER['REMOTE_ADDR'];
if (variable_get('reverse_proxy', 0)) {
$reverse_proxy_header = variable_get('reverse_proxy_header', 'HTTP_X_FORWARDED_FOR');
if (settings()->get('reverse_proxy', 0)) {
$reverse_proxy_header = settings()->get('reverse_proxy_header', 'HTTP_X_FORWARDED_FOR');
if (!empty($_SERVER[$reverse_proxy_header])) {
// If an array of known reverse proxy IPs is provided, then trust
// the XFF header if request really comes from one of them.
$reverse_proxy_addresses = variable_get('reverse_proxy_addresses', array());
$reverse_proxy_addresses = settings()->get('reverse_proxy_addresses', array());
// Turn XFF header into an array.
$forwarded = explode(',', $_SERVER[$reverse_proxy_header]);
@ -3051,20 +3068,27 @@ function ip_address() {
* classes, interfaces, and traits (PHP 5.4 and later). It's only dependency
* is DRUPAL_ROOT. Otherwise it may be called as early as possible.
*
* @param $class_loader
* The name of class loader to use. This can be used to change the class
* loader class when calling drupal_classloader() from settings.php. It is
* ignored otherwise.
*
* @return Symfony\Component\ClassLoader\UniversalClassLoader
* A UniversalClassLoader class instance (or extension thereof).
*/
function drupal_classloader() {
function drupal_classloader($class_loader = NULL) {
// By default, use the UniversalClassLoader which is best for development,
// as it does not break when code is moved on the file system. However, as it
// is slow, allow to use the APC class loader in production.
static $loader;
if (!isset($loader)) {
global $class_loader;
// Include the Symfony ClassLoader for loading PSR-0-compatible classes.
require_once DRUPAL_ROOT . '/core/vendor/symfony/class-loader/Symfony/Component/ClassLoader/UniversalClassLoader.php';
if (!isset($class_loader) && class_exists('Drupal\Component\Utility\Settings', FALSE)) {
$class_loader = settings()->get('class_loader');
}
switch ($class_loader) {
case 'apc':

16
core/includes/common.inc
View File

@ -809,7 +809,7 @@ function drupal_http_request($url, array $options = array()) {
$options['timeout'] = (float) $options['timeout'];
// Use a proxy if one is defined and the host is not on the excluded list.
$proxy_server = variable_get('proxy_server', '');
$proxy_server = settings()->get('proxy_server', '');
if ($proxy_server && _drupal_http_use_proxy($uri['host'])) {
// Set the scheme so we open a socket to the proxy server.
$uri['scheme'] = 'proxy';
@ -819,13 +819,13 @@ function drupal_http_request($url, array $options = array()) {
unset($uri['query']);
// Add in username and password to Proxy-Authorization header if needed.
if ($proxy_username = variable_get('proxy_username', '')) {
$proxy_password = variable_get('proxy_password', '');
if ($proxy_username = settings()->get('proxy_username', '')) {
$proxy_password = settings()->get('proxy_password', '');
$options['headers']['Proxy-Authorization'] = 'Basic ' . base64_encode($proxy_username . (!empty($proxy_password) ? ":" . $proxy_password : ''));
}
// Some proxies reject requests with any User-Agent headers, while others
// require a specific one.
$proxy_user_agent = variable_get('proxy_user_agent', '');
$proxy_user_agent = settings()->get('proxy_user_agent', '');
// The default value matches neither condition.
if ($proxy_user_agent === NULL) {
unset($options['headers']['User-Agent']);
@ -838,7 +838,7 @@ function drupal_http_request($url, array $options = array()) {
switch ($uri['scheme']) {
case 'proxy':
// Make the socket connection to a proxy server.
$socket = 'tcp://' . $proxy_server . ':' . variable_get('proxy_port', 8080);
$socket = 'tcp://' . $proxy_server . ':' . settings()->get('proxy_port', 8080);
// The Host header still needs to match the real request.
$options['headers']['Host'] = $uri['host'];
$options['headers']['Host'] .= isset($uri['port']) && $uri['port'] != 80 ? ':' . $uri['port'] : '';
@ -1068,7 +1068,7 @@ function drupal_http_request($url, array $options = array()) {
* TRUE if a proxy should be used for this host.
*/
function _drupal_http_use_proxy($host) {
$proxy_exceptions = variable_get('proxy_exceptions', array('localhost', '127.0.0.1'));
$proxy_exceptions = settings()->get('proxy_exceptions', array('localhost', '127.0.0.1'));
return !in_array(strtolower($host), $proxy_exceptions, TRUE);
}
@ -4757,10 +4757,10 @@ function drupal_valid_token($token, $value = '', $skip_anonymous = FALSE) {
* Loads code for subsystems and modules, and registers stream wrappers.
*/
function _drupal_bootstrap_code() {
require_once DRUPAL_ROOT . '/' . variable_get('path_inc', 'core/includes/path.inc');
require_once DRUPAL_ROOT . '/' . settings()->get('path_inc', 'core/includes/path.inc');
require_once DRUPAL_ROOT . '/core/includes/theme.inc';
require_once DRUPAL_ROOT . '/core/includes/pager.inc';
require_once DRUPAL_ROOT . '/' . variable_get('menu_inc', 'core/includes/menu.inc');
require_once DRUPAL_ROOT . '/' . settings()->get('menu_inc', 'core/includes/menu.inc');
require_once DRUPAL_ROOT . '/core/includes/tablesort.inc';
require_once DRUPAL_ROOT . '/core/includes/file.inc';
require_once DRUPAL_ROOT . '/core/includes/unicode.inc';

2
core/includes/database.inc
View File

@ -905,7 +905,7 @@ function db_ignore_slave() {
// Five minutes is long enough to allow the slave to break and resume
// interrupted replication without causing problems on the Drupal site from
// the old data.
$duration = variable_get('maximum_replication_lag', 300);
$duration = settings()->get('maximum_replication_lag', 300);
// Set session variable with amount of time to delay before using slave.
$_SESSION['ignore_slave_server'] = REQUEST_TIME + $duration;
}

2
core/includes/install.core.inc
View File

@ -279,7 +279,7 @@ function install_begin_request(&$install_state) {
require_once DRUPAL_ROOT . '/core/includes/file.inc';
require_once DRUPAL_ROOT . '/core/includes/install.inc';
require_once DRUPAL_ROOT . '/core/includes/schema.inc';
require_once DRUPAL_ROOT . '/' . variable_get('path_inc', 'core/includes/path.inc');
require_once DRUPAL_ROOT . '/' . settings()->get('path_inc', 'core/includes/path.inc');
// Load module basics (needed for hook invokes).
include_once DRUPAL_ROOT . '/core/includes/module.inc';

2
core/includes/theme.maintenance.inc
View File

@ -22,7 +22,7 @@ function _drupal_maintenance_theme() {
return;
}
require_once DRUPAL_ROOT . '/' . variable_get('path_inc', 'core/includes/path.inc');
require_once DRUPAL_ROOT . '/' . settings()->get('path_inc', 'core/includes/path.inc');
require_once DRUPAL_ROOT . '/core/includes/theme.inc';
require_once DRUPAL_ROOT . '/core/includes/common.inc';
require_once DRUPAL_ROOT . '/core/includes/unicode.inc';

59
core/lib/Drupal/Component/Utility/Settings.php Normal file
View File

@ -0,0 +1,59 @@
<?php
/**
* @file
* Contains Drupal\Component\Utility\Settings.
*/
namespace Drupal\Component\Utility;
class Settings {
/**
* @var array
*/
protected $storage;
/**
* @var Settings
*/
static $singleton;
/**
* @param array $settings
*/
function __construct(array $settings) {
$this->storage = $settings;
self::$singleton = $this;
}
/**
* Returns a setting.
*
* Settings can be set in settings.php in the $settings array and requested
* by this function. Settings should be used over configuration for read-only,
* possibly low bootstrap configuration that is environment specific.
*
* @param string $name
* The name of the setting to return.
* @param mixed $default
* (optional) The default value to use if this setting is not set.
*
* @return mixed
* The value of the setting, the provided default if not set.
*/
public function get($name, $default = NULL) {
return isset($this->storage[$name]) ? $this->storage[$name] : $default;
}
/**
* Returns all the settings. This is only used for testing purposes.
*
* @return array
* All the settings.
*/
public function getAll() {
return $this->storage;
}
}

24
core/modules/simpletest/lib/Drupal/simpletest/TestBase.php
View File

@ -8,6 +8,7 @@
namespace Drupal\simpletest;
use Drupal\Core\Database\Database;
use Drupal\Component\Utility\Settings;
use Drupal\Core\DependencyInjection\ContainerBuilder;
use Drupal\Core\Database\ConnectionNotDefinedException;
use Drupal\Core\DrupalKernel;
@ -137,6 +138,11 @@ abstract class TestBase {
*/
protected $verboseDirectoryUrl;
/**
* The settings array.
*/
protected $originalSettings;
/**
* Constructor for Test.
*
@ -814,6 +820,7 @@ abstract class TestBase {
}
// Backup current in-memory configuration.
$this->originalSettings = settings()->getAll();
$this->originalConf = $conf;
// Backup statics and globals.
@ -1012,6 +1019,7 @@ abstract class TestBase {
// Restore original in-memory configuration.
$conf = $this->originalConf;
new Settings($this->originalSettings);
// Restore original statics and globals.
drupal_container($this->originalContainer);
@ -1091,6 +1099,22 @@ abstract class TestBase {
$this->error($message, 'Uncaught exception', _drupal_get_last_caller($backtrace));
}
/**
* Changes in memory settings.
*
* @param $name
* The name of the setting to return.
* @param $value
* The value of the setting.
*
* @see \Drupal\Component\Utility\Settings::get()
*/
protected function settingsSet($name, $value) {
$settings = settings()->getAll();
$settings[$name] = $value;
new Settings($settings);
}
/**
* Generates a random string of ASCII characters of codes 32 to 126.
*

1
core/modules/system/config/system.performance.yml
View File

@ -1,7 +1,6 @@
cache:
page:
enabled: '0'
omit_vary_cookie: ''
max_age: '0'
css:
preprocess: '0'

6
core/modules/system/lib/Drupal/system/Tests/Bootstrap/IpAddressTest.php
View File

@ -58,14 +58,14 @@ class IpAddressTest extends WebTestBase {
);
// Proxy forwarding on but no proxy addresses defined.
variable_set('reverse_proxy', 1);
$this->settingsSet('reverse_proxy', 1);
$this->assertTrue(
ip_address() == $this->remote_ip,
'Proxy forwarding without trusted proxies got remote IP address.'
);
// Proxy forwarding on and proxy address not trusted.
variable_set('reverse_proxy_addresses', array($this->proxy_ip, $this->proxy2_ip));
$this->settingsSet('reverse_proxy_addresses', array($this->proxy_ip, $this->proxy2_ip));
drupal_static_reset('ip_address');
$_SERVER['REMOTE_ADDR'] = $this->untrusted_ip;
$this->assertTrue(
@ -92,7 +92,7 @@ class IpAddressTest extends WebTestBase {
);
// Custom client-IP header.
variable_set('reverse_proxy_header', 'HTTP_X_CLUSTER_CLIENT_IP');
$this->settingsSet('reverse_proxy_header', 'HTTP_X_CLUSTER_CLIENT_IP');
$_SERVER['HTTP_X_CLUSTER_CLIENT_IP'] = $this->cluster_ip;
drupal_static_reset('ip_address');
$this->assertTrue(

2
core/modules/system/lib/Drupal/system/Tests/System/SystemAuthorizeTest.php
View File

@ -32,8 +32,6 @@ class SystemAuthorizeTest extends WebTestBase {
function setUp() {
parent::setUp();
variable_set('allow_authorize_operations', TRUE);
// Create an administrator user.
$this->admin_user = $this->drupalCreateUser(array('administer software updates'));
$this->drupalLogin($this->admin_user);

6
core/modules/system/system.install
View File

@ -416,11 +416,11 @@ function system_requirements($phase) {
// Verify the update.php access setting
if ($phase == 'runtime') {
if (!empty($GLOBALS['update_free_access'])) {
if (settings()->get('update_free_access')) {
$requirements['update access'] = array(
'value' => $t('Not protected'),
'severity' => REQUIREMENT_ERROR,
'description' => $t('The update.php script is accessible to everyone without authentication check, which is a security risk. You must change the $update_free_access value in your settings.php back to FALSE.'),
'description' => $t('The update.php script is accessible to everyone without authentication check, which is a security risk. You must change the @settings_name value in your settings.php back to FALSE.', array('@settings_name' => '$settings[\'update_free_access\']')),
);
}
else {
@ -1873,7 +1873,6 @@ function system_update_8017() {
'page_compression' => 'response.gzip',
'preprocess_css' => 'css.preprocess',
'preprocess_js' => 'js.preprocess',
'omit_vary_cookie' => 'omit_vary_cookie',
'stale_file_threshold' => 'stale_file_threshold',
));
}
@ -2118,7 +2117,6 @@ function system_update_8029() {
*/
function system_update_8030() {
update_variables_to_config('system.authorize', array(
'allow_authorize_operations' => 'allow_operations',
'authorize_filetransfer_default' => 'filetransfer_default',
));
}

1
core/modules/update/lib/Drupal/update/Tests/UpdateContribTest.php
View File

@ -327,7 +327,6 @@ class UpdateContribTest extends UpdateTestBase {
* update, then assert if we see the appropriate warnings on the right pages.
*/
function testHookUpdateStatusAlter() {
variable_set('allow_authorize_operations', TRUE);
$update_test_config = config('update_test.settings');
$update_admin_user = $this->drupalCreateUser(array('administer site configuration', 'administer software updates'));
$this->drupalLogin($update_admin_user);

1
core/modules/update/lib/Drupal/update/Tests/UpdateUploadTest.php
View File

@ -29,7 +29,6 @@ class UpdateUploadTest extends UpdateTestBase {
public function setUp() {
parent::setUp();
variable_set('allow_authorize_operations', TRUE);
$admin_user = $this->drupalCreateUser(array('administer software updates', 'administer site configuration'));
$this->drupalLogin($admin_user);
}

2
core/modules/update/update.manager.inc
View File

@ -7,7 +7,7 @@
* This allows site administrators with the 'administer software updates'
* permission to either upgrade existing projects, or download and install new
* ones, so long as the killswitch setting ('allow_authorize_operations') is
* still TRUE.
* not FALSE.
*
* To install new code, the administrator is prompted for either the URL of an
* archive file, or to directly upload the archive file. The archive is loaded

2
core/modules/update/update.module
View File

@ -251,7 +251,7 @@ function update_menu() {
* @see update_menu()
*/
function update_manager_access() {
return config('system.authorize')->get('allow_operations') && user_access('administer software updates');
return settings()->get('allow_authorize_operations', TRUE) && user_access('administer software updates');
}
/**

12
core/update.php
View File

@ -209,8 +209,8 @@ function update_results_page() {
$output .= '</p>';
}
if (!empty($GLOBALS['update_free_access'])) {
$output .= "<p><strong>Reminder: don't forget to set the <code>\$update_free_access</code> value in your <code>settings.php</code> file back to <code>FALSE</code>.</strong></p>";
if (settings()->get('update_free_access')) {
$output .= "<p><strong>Reminder: don't forget to set the <code>\$settings['update_free_access']</code> value in your <code>settings.php</code> file back to <code>FALSE</code>.</strong></p>";
}
$output .= theme('links', array('links' => update_helpful_links()));
@ -311,8 +311,8 @@ function update_access_denied_page() {
return '<p>Access denied. You are not authorized to access this page. Log in using either an account with the <em>administer software updates</em> permission or the site maintenance account (the account you created during installation). If you cannot log in, you will have to edit <code>settings.php</code> to bypass this access check. To do this:</p>
<ol>
<li>With a text editor find the settings.php file on your system. From the main Drupal directory that you installed all the files into, go to <code>sites/your_site_name</code> if such directory exists, or else to <code>sites/default</code> which applies otherwise.</li>
<li>There is a line inside your settings.php file that says <code>$update_free_access = FALSE;</code>. Change it to <code>$update_free_access = TRUE;</code>.</li>
<li>As soon as the update.php script is done, you must change the settings.php file back to its original form with <code>$update_free_access = FALSE;</code>.</li>
<li>There is a line inside your settings.php file that says <code>$settings[\'update_free_access\'] = FALSE;</code>. Change it to <code>$settings[\'update_free_access\'] = TRUE;</code>.</li>
<li>As soon as the update.php script is done, you must change the settings.php file back to its original form with <code>$settings[\'update_free_access\'] = FALSE;</code>.</li>
<li>To avoid having this problem in the future, remember to log in to your website using either an account with the <em>administer software updates</em> permission or the site maintenance account (the account you created during installation) before you backup your database at the beginning of the update process.</li>
</ol>';
}
@ -324,10 +324,10 @@ function update_access_denied_page() {
* TRUE if the current user should be granted access, or FALSE otherwise.
*/
function update_access_allowed() {
global $update_free_access, $user;
global $user;
// Allow the global variable in settings.php to override the access check.
if (!empty($update_free_access)) {
if (settings()->get('update_free_access')) {
return TRUE;
}
// Calls to user_access() might fail during the Drupal 6 to 7 update process,

275
sites/default/default.settings.php
View File

@ -214,19 +214,6 @@
*/
$databases = array();
/**
* Access control for update.php script.
*
* If you are updating your Drupal installation using the update.php script but
* are not logged in using either an account with the "Administer software
* updates" permission or the site maintenance account (the account that was
* created during installation), you will need to modify the access check
* statement below. Change the FALSE to a TRUE to disable the access check.
* After finishing the upgrade, be sure to open this file again and change the
* TRUE back to a FALSE!
*/
$update_free_access = FALSE;
/**
* Salt for one-time login links and cancel links, form tokens, etc.
*
@ -246,20 +233,6 @@ $update_free_access = FALSE;
*/
$drupal_hash_salt = '';
/**
* Class Loader.
*
* By default, Drupal uses the Symfony UniversalClassLoader which is best for
* development, as it does not break when code is moved on the file system.
* The APC classloader provides better performance and is recommended for
* production sites.
*
* Examples:
* $class_loader = 'apc'
* $class_loader = 'default'
*/
# $class_loader = 'apc';
/**
* Location of the site configuration files.
*
@ -286,6 +259,149 @@ $drupal_hash_salt = '';
*/
$config_directories = array();
/**
* Settings:
*
* $settings contains configuration that can not be saved in the configuration
* system because it is required too early during bootstrap like the database
* information. It is also used for configuration that is specific for a given
* environment like reverse proxy settings
*
* @see settings_get()
*/
/**
* Access control for update.php script.
*
* If you are updating your Drupal installation using the update.php script but
* are not logged in using either an account with the "Administer software
* updates" permission or the site maintenance account (the account that was
* created during installation), you will need to modify the access check
* statement below. Change the FALSE to a TRUE to disable the access check.
* After finishing the upgrade, be sure to open this file again and change the
* TRUE back to a FALSE!
*/
$settings['update_free_access'] = FALSE;
/**
* External access proxy settings:
*
* If your site must access the Internet via a web proxy then you can enter
* the proxy settings here. Currently only basic authentication is supported
* by using the username and password variables. The proxy_user_agent variable
* can be set to NULL for proxies that require no User-Agent header or to a
* non-empty string for proxies that limit requests to a specific agent. The
* proxy_exceptions variable is an array of host names to be accessed directly,
* not via proxy.
*/
# $settings['proxy_server'] = '';
# $settings['proxy_port'] = 8080;
# $settings['proxy_username'] = '';
# $settings['proxy_password'] = '';
# $settings['proxy_user_agent'] = '';
# $settings['proxy_exceptions'] = array('127.0.0.1', 'localhost');
/**
* Reverse Proxy Configuration:
*
* Reverse proxy servers are often used to enhance the performance
* of heavily visited sites and may also provide other site caching,
* security, or encryption benefits. In an environment where Drupal
* is behind a reverse proxy, the real IP address of the client should
* be determined such that the correct client IP address is available
* to Drupal's logging, statistics, and access management systems. In
* the most simple scenario, the proxy server will add an
* X-Forwarded-For header to the request that contains the client IP
* address. However, HTTP headers are vulnerable to spoofing, where a
* malicious client could bypass restrictions by setting the
* X-Forwarded-For header directly. Therefore, Drupal's proxy
* configuration requires the IP addresses of all remote proxies to be
* specified in $settings['reverse_proxy_addresses'] to work correctly.
*
* Enable this setting to get Drupal to determine the client IP from
* the X-Forwarded-For header (or $settings['reverse_proxy_header'] if set).
* If you are unsure about this setting, do not have a reverse proxy,
* or Drupal operates in a shared hosting environment, this setting
* should remain commented out.
*
* In order for this setting to be used you must specify every possible
* reverse proxy IP address in $settings['reverse_proxy_addresses'].
* If a complete list of reverse proxies is not available in your
* environment (for example, if you use a CDN) you may set the
* $_SERVER['REMOTE_ADDR'] variable directly in settings.php.
* Be aware, however, that it is likely that this would allow IP
* address spoofing unless more advanced precautions are taken.
*/
# $settings['reverse_proxy'] = TRUE;
/**
* Specify every reverse proxy IP address in your environment.
* This setting is required if $settings['reverse_proxy'] is TRUE.
*/
# $settings['reverse_proxy_addresses'] = array('a.b.c.d', ...);
/**
* Set this value if your proxy server sends the client IP in a header
* other than X-Forwarded-For.
*/
# $settings['reverse_proxy_header'] = 'HTTP_X_CLUSTER_CLIENT_IP';
/**
* Page caching:
*
* By default, Drupal sends a "Vary: Cookie" HTTP header for anonymous page
* views. This tells a HTTP proxy that it may return a page from its local
* cache without contacting the web server, if the user sends the same Cookie
* header as the user who originally requested the cached page. Without "Vary:
* Cookie", authenticated users would also be served the anonymous page from
* the cache. If the site has mostly anonymous users except a few known
* editors/administrators, the Vary header can be omitted. This allows for
* better caching in HTTP proxies (including reverse proxies), i.e. even if
* clients send different cookies, they still get content served from the cache.
* However, authenticated users should access the site directly (i.e. not use an
* HTTP proxy, and bypass the reverse proxy if one is used) in order to avoid
* getting cached pages from the proxy.
*/
# $settings['omit_vary_cookie'] = TRUE;
/**
* Class Loader.
*
* By default, Drupal uses the Symfony UniversalClassLoader which is best for
* development, as it does not break when code is moved on the file system.
* The APC classloader provides better performance and is recommended for
* production sites.
*
* Examples:
* $class_loader = 'apc'
* $class_loader = 'default'
*/
# $settings['class_loader'] = 'apc';
/**
* Authorized file system operations:
*
* The Update Manager module included with Drupal provides a mechanism for
* site administrators to securely install missing updates for the site
* directly through the web user interface. On securely-configured servers,
* the Update manager will require the administrator to provide SSH or FTP
* credentials before allowing the installation to proceed; this allows the
* site to update the new files as the user who owns all the Drupal files,
* instead of as the user the webserver is running as. On servers where the
* webserver user is itself the owner of the Drupal files, the administrator
* will not be prompted for SSH or FTP credentials (note that these server
* setups are common on shared hosting, but are inherently insecure).
*
* Some sites might wish to disable the above functionality, and only update
* the code directly via SSH or FTP themselves. This setting completely
* disables all functionality related to these authorized file operations.
*
* @see http://drupal.org/node/244924
*
* Remove the leading hash signs to disable.
*/
# $settings['allow_authorize_operations'] = FALSE;
/**
* Base URL (optional).
*
@ -397,69 +513,6 @@ ini_set('session.cookie_lifetime', 2000000);
*/
# $conf['maintenance_theme'] = 'bartik';
/**
* Reverse Proxy Configuration:
*
* Reverse proxy servers are often used to enhance the performance
* of heavily visited sites and may also provide other site caching,
* security, or encryption benefits. In an environment where Drupal
* is behind a reverse proxy, the real IP address of the client should
* be determined such that the correct client IP address is available
* to Drupal's logging, statistics, and access management systems. In
* the most simple scenario, the proxy server will add an
* X-Forwarded-For header to the request that contains the client IP
* address. However, HTTP headers are vulnerable to spoofing, where a
* malicious client could bypass restrictions by setting the
* X-Forwarded-For header directly. Therefore, Drupal's proxy
* configuration requires the IP addresses of all remote proxies to be
* specified in $conf['reverse_proxy_addresses'] to work correctly.
*
* Enable this setting to get Drupal to determine the client IP from
* the X-Forwarded-For header (or $conf['reverse_proxy_header'] if set).
* If you are unsure about this setting, do not have a reverse proxy,
* or Drupal operates in a shared hosting environment, this setting
* should remain commented out.
*
* In order for this setting to be used you must specify every possible
* reverse proxy IP address in $conf['reverse_proxy_addresses'].
* If a complete list of reverse proxies is not available in your
* environment (for example, if you use a CDN) you may set the
* $_SERVER['REMOTE_ADDR'] variable directly in settings.php.
* Be aware, however, that it is likely that this would allow IP
* address spoofing unless more advanced precautions are taken.
*/
# $conf['reverse_proxy'] = TRUE;
/**
* Specify every reverse proxy IP address in your environment.
* This setting is required if $conf['reverse_proxy'] is TRUE.
*/
# $conf['reverse_proxy_addresses'] = array('a.b.c.d', ...);
/**
* Set this value if your proxy server sends the client IP in a header
* other than X-Forwarded-For.
*/
# $conf['reverse_proxy_header'] = 'HTTP_X_CLUSTER_CLIENT_IP';
/**
* Page caching:
*
* By default, Drupal sends a "Vary: Cookie" HTTP header for anonymous page
* views. This tells a HTTP proxy that it may return a page from its local
* cache without contacting the web server, if the user sends the same Cookie
* header as the user who originally requested the cached page. Without "Vary:
* Cookie", authenticated users would also be served the anonymous page from
* the cache. If the site has mostly anonymous users except a few known
* editors/administrators, the Vary header can be omitted. This allows for
* better caching in HTTP proxies (including reverse proxies), i.e. even if
* clients send different cookies, they still get content served from the cache.
* However, authenticated users should access the site directly (i.e. not use an
* HTTP proxy, and bypass the reverse proxy if one is used) in order to avoid
* getting cached pages from the proxy.
*/
# $conf['system.performance']['cache']['page']['omit_vary_cookie'] = TRUE;
/**
* CSS/JS aggregated file gzip compression:
*
@ -512,48 +565,6 @@ ini_set('session.cookie_lifetime', 2000000);
#$conf['system.fast_404']['paths'] = '/\.(?:txt|png|gif|jpe?g|css|js|ico|swf|flv|cgi|bat|pl|dll|exe|asp)$/i';
#$conf['system.fast_404']['html'] = '<!DOCTYPE html><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL "@path" was not found on this server.</p></body></html>';
/**
* External access proxy settings:
*
* If your site must access the Internet via a web proxy then you can enter
* the proxy settings here. Currently only basic authentication is supported
* by using the username and password variables. The proxy_user_agent variable
* can be set to NULL for proxies that require no User-Agent header or to a
* non-empty string for proxies that limit requests to a specific agent. The
* proxy_exceptions variable is an array of host names to be accessed directly,
* not via proxy.
*/
# $conf['proxy_server'] = '';
# $conf['proxy_port'] = 8080;
# $conf['proxy_username'] = '';
# $conf['proxy_password'] = '';
# $conf['proxy_user_agent'] = '';
# $conf['proxy_exceptions'] = array('127.0.0.1', 'localhost');
/**
* Authorized file system operations:
*
* The Update Manager module included with Drupal provides a mechanism for
* site administrators to securely install missing updates for the site
* directly through the web user interface. On securely-configured servers,
* the Update manager will require the administrator to provide SSH or FTP
* credentials before allowing the installation to proceed; this allows the
* site to update the new files as the user who owns all the Drupal files,
* instead of as the user the webserver is running as. On servers where the
* webserver user is itself the owner of the Drupal files, the administrator
* will not be prompted for SSH or FTP credentials (note that these server
* setups are common on shared hosting, but are inherently insecure).
*
* Some sites might wish to disable the above functionality, and only update
* the code directly via SSH or FTP themselves. This setting completely
* disables all functionality related to these authorized file operations.
*
* @see http://drupal.org/node/244924
*
* Remove the leading hash signs to disable.
*/
# $conf['allow_authorize_operations'] = FALSE;
/**
* Load local development override configuration, if available.
*