Issue #313145 by ghoti, t0xicCode, znerol, pwolanin, thedavidmeister, seanr, neclimdul, Damien Tournoud: Support X-Forwarded-* HTTP headers alternates
Alex Pott
parent
a2c96ec5f4
commit
238a2397bc
|
|
@ -11,7 +11,7 @@ use Symfony\Component\HttpFoundation\Request;
|
|||
use Symfony\Component\HttpKernel\HttpKernelInterface;
|
||||
|
||||
/**
|
||||
*
|
||||
* Provides support for reverse proxies.
|
||||
*/
|
||||
class ReverseProxyMiddleware implements HttpKernelInterface {
|
||||
|
||||
|
|
@ -48,8 +48,21 @@ class ReverseProxyMiddleware implements HttpKernelInterface {
|
|||
public function handle(Request $request, $type = self::MASTER_REQUEST, $catch = TRUE) {
|
||||
// Initialize proxy settings.
|
||||
if ($this->settings->get('reverse_proxy', FALSE)) {
|
||||
$reverse_proxy_header = $this->settings->get('reverse_proxy_header', 'X_FORWARDED_FOR');
|
||||
$request::setTrustedHeaderName($request::HEADER_CLIENT_IP, $reverse_proxy_header);
|
||||
$ip_header = $this->settings->get('reverse_proxy_header', 'X_FORWARDED_FOR');
|
||||
$request::setTrustedHeaderName($request::HEADER_CLIENT_IP, $ip_header);
|
||||
|
||||
$proto_header = $this->settings->get('reverse_proxy_proto_header', 'X_FORWARDED_PROTO');
|
||||
$request::setTrustedHeaderName($request::HEADER_CLIENT_PROTO, $proto_header);
|
||||
|
||||
$host_header = $this->settings->get('reverse_proxy_host_header', 'X_FORWARDED_HOST');
|
||||
$request::setTrustedHeaderName($request::HEADER_CLIENT_HOST, $host_header);
|
||||
|
||||
$port_header = $this->settings->get('reverse_proxy_port_header', 'X_FORWARDED_PORT');
|
||||
$request::setTrustedHeaderName($request::HEADER_CLIENT_PORT, $port_header);
|
||||
|
||||
$forwarded_header = $this->settings->get('reverse_proxy_forwarded_header', 'FORWARDED');
|
||||
$request::setTrustedHeaderName($request::HEADER_FORWARDED, $forwarded_header);
|
||||
|
||||
$proxies = $this->settings->get('reverse_proxy_addresses', array());
|
||||
if (count($proxies) > 0) {
|
||||
$request::setTrustedProxies($proxies);
|
||||
|
|
|
|||
|
|
@ -66,13 +66,11 @@ class ReverseProxyMiddlewareTest extends UnitTestCase {
|
|||
return array(
|
||||
array(
|
||||
array(
|
||||
'reverse_proxy_header' => 'HTTP_X_FORWARDED_FOR',
|
||||
'reverse_proxy_addresses' => array(),
|
||||
),
|
||||
),
|
||||
array(
|
||||
array(
|
||||
'reverse_proxy_header' => 'X_FORWARDED_HOST',
|
||||
'reverse_proxy_header' => 'X_FORWARDED_FOR_CUSTOMIZED',
|
||||
'reverse_proxy_proto_header' => 'X_FORWARDED_PROTO_CUSTOMIZED',
|
||||
'reverse_proxy_host_header' => 'X_FORWARDED_HOST_CUSTOMIZED',
|
||||
'reverse_proxy_port_header' => 'X_FORWARDED_PORT_CUSTOMIZED',
|
||||
'reverse_proxy_forwarded_header' => 'FORWARDED_CUSTOMIZED',
|
||||
'reverse_proxy_addresses' => array('127.0.0.2', '127.0.0.3'),
|
||||
),
|
||||
),
|
||||
|
|
@ -95,6 +93,10 @@ class ReverseProxyMiddlewareTest extends UnitTestCase {
|
|||
|
||||
$middleware->handle($request);
|
||||
$this->assertSame($settings->get('reverse_proxy_header'), $request->getTrustedHeaderName($request::HEADER_CLIENT_IP));
|
||||
$this->assertSame($settings->get('reverse_proxy_proto_header'), $request->getTrustedHeaderName($request::HEADER_CLIENT_PROTO));
|
||||
$this->assertSame($settings->get('reverse_proxy_host_header'), $request->getTrustedHeaderName($request::HEADER_CLIENT_HOST));
|
||||
$this->assertSame($settings->get('reverse_proxy_port_header'), $request->getTrustedHeaderName($request::HEADER_CLIENT_PORT));
|
||||
$this->assertSame($settings->get('reverse_proxy_forwarded_header'), $request->getTrustedHeaderName($request::HEADER_FORWARDED));
|
||||
$this->assertSame($settings->get('reverse_proxy_addresses'), $request->getTrustedProxies());
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -369,7 +369,31 @@ $settings['update_free_access'] = FALSE;
|
|||
* Set this value if your proxy server sends the client IP in a header
|
||||
* other than X-Forwarded-For.
|
||||
*/
|
||||
# $settings['reverse_proxy_header'] = 'HTTP_X_CLUSTER_CLIENT_IP';
|
||||
# $settings['reverse_proxy_header'] = 'X_CLUSTER_CLIENT_IP';
|
||||
|
||||
/**
|
||||
* Set this value if your proxy server sends the client protocol in a header
|
||||
* other than X-Forwarded-Proto.
|
||||
*/
|
||||
# $settings['reverse_proxy_proto_header'] = 'X_FORWARDED_PROTO';
|
||||
|
||||
/**
|
||||
* Set this value if your proxy server sends the client protocol in a header
|
||||
* other than X-Forwarded-Host.
|
||||
*/
|
||||
# $settings['reverse_proxy_host_header'] = 'X_FORWARDED_HOST';
|
||||
|
||||
/**
|
||||
* Set this value if your proxy server sends the client protocol in a header
|
||||
* other than X-Forwarded-Port.
|
||||
*/
|
||||
# $settings['reverse_proxy_port_header'] = 'X_FORWARDED_PORT';
|
||||
|
||||
/**
|
||||
* Set this value if your proxy server sends the client protocol in a header
|
||||
* other than Forwarded.
|
||||
*/
|
||||
# $settings['reverse_proxy_forwarded_header'] = 'FORWARDED';
|
||||
|
||||
/**
|
||||
* Page caching:
|
||||
|
|
|
|||
Loading…
Reference in New Issue