lunax/snipe_it
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity Actions

Updated trustedproxy w/config

Browse source
This commit is contained in:
snipe 2018-07-24 20:48:24 -07:00
parent 3d3ed6ab03
commit 60c4fa1d90
1 changed files with 17 additions and 45 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

62
config/trustedproxy.php
View file

@ -1,14 +1,5 @@
<?php <?php
/*
|--------------------------------------------------------------------------
| DO NOT EDIT THIS FILE DIRECTLY.
|--------------------------------------------------------------------------
| This file reads from your .env configuration file and should not
| be modified directly.
*/
return [ return [
/* /*
@ -21,53 +12,34 @@ return [
* within TrustedProxy to trust any proxy * within TrustedProxy to trust any proxy
* that connects directly to your server, * that connects directly to your server,
* a requirement when you cannot know the address * a requirement when you cannot know the address
* of your proxy (e.g. if using Rackspace balancers). * of your proxy (e.g. if using ELB or similar).
* *
* The "**" character is syntactic sugar within
* TrustedProxy to trust not just any proxy that
* connects directly to your server, but also
* proxies that connect to those proxies, and all
* the way back until you reach the original source
* IP. It will mean that $request->getClientIp()
* always gets the originating client IP, no matter
* how many proxies that client's request has
* subsequently passed through.
*/ */
'proxies' => env('APP_TRUSTED_PROXIES') !== null ? 'proxies' => null, // [<ip addresses>,], '*'
explode(',', env('APP_TRUSTED_PROXIES')) : '*',
/*
* To trust one or more specific proxies that connect
* directly to your server, use an array of IP addresses:
*/
# 'proxies' => ['192.168.1.1'],
/* /*
* Or, to trust all proxies that connect * Or, to trust all proxies that connect
* directly to your server, uncomment this: * directly to your server, use a "*"
*/ */
// 'proxies' => '*', # 'proxies' => '*',
/* /*
* Or, to trust ALL proxies, including those that * Which headers to use to detect proxy related data (For, Host, Proto, Port)
* are in a chain of forwarding, uncomment this:
*/
// 'proxies' => '**',
/*
* Default Header Names
* *
* Change these if the proxy does * Options include:
* not send the default header names.
* *
* Note that headers such as X-Forwarded-For * - Illuminate\Http\Request::HEADER_X_FORWARDED_ALL (use all x-forwarded-* headers to establish trust)
* are transformed to HTTP_X_FORWARDED_FOR format. * - Illuminate\Http\Request::HEADER_FORWARDED (use the FORWARDED header to establish trust)
* *
* The following are Symfony defaults, found in * @link https://symfony.com/doc/current/deployment/proxies.html
* \Symfony\Component\HttpFoundation\Request::$trustedHeaders
*
* We may also want to add something like:
* \Illuminate\Http\Request::HEADER_CLIENT_PROTO => 'X_FORWARDED_SCHEME',
*/ */
'headers' => [ 'headers' => Illuminate\Http\Request::HEADER_X_FORWARDED_ALL,
\Illuminate\Http\Request::HEADER_CLIENT_IP => 'X_FORWARDED_FOR',
\Illuminate\Http\Request::HEADER_CLIENT_HOST => 'X_FORWARDED_HOST',
\Illuminate\Http\Request::HEADER_CLIENT_PROTO => 'X_FORWARDED_PROTO',
\Illuminate\Http\Request::HEADER_CLIENT_PORT => 'X_FORWARDED_PORT',
]
]; ];