Commit 238a2397 authored by alexpott's avatar alexpott

Issue #313145 by ghoti, t0xicCode, znerol, pwolanin, thedavidmeister, seanr,...

Issue #313145 by ghoti, t0xicCode, znerol, pwolanin, thedavidmeister, seanr, neclimdul, Damien Tournoud: Support X-Forwarded-* HTTP headers alternates
parent a2c96ec5
......@@ -11,7 +11,7 @@
use Symfony\Component\HttpKernel\HttpKernelInterface;
/**
*
* Provides support for reverse proxies.
*/
class ReverseProxyMiddleware implements HttpKernelInterface {
......@@ -48,8 +48,21 @@ public function __construct(HttpKernelInterface $http_kernel, Settings $settings
public function handle(Request $request, $type = self::MASTER_REQUEST, $catch = TRUE) {
// Initialize proxy settings.
if ($this->settings->get('reverse_proxy', FALSE)) {
$reverse_proxy_header = $this->settings->get('reverse_proxy_header', 'X_FORWARDED_FOR');
$request::setTrustedHeaderName($request::HEADER_CLIENT_IP, $reverse_proxy_header);
$ip_header = $this->settings->get('reverse_proxy_header', 'X_FORWARDED_FOR');
$request::setTrustedHeaderName($request::HEADER_CLIENT_IP, $ip_header);
$proto_header = $this->settings->get('reverse_proxy_proto_header', 'X_FORWARDED_PROTO');
$request::setTrustedHeaderName($request::HEADER_CLIENT_PROTO, $proto_header);
$host_header = $this->settings->get('reverse_proxy_host_header', 'X_FORWARDED_HOST');
$request::setTrustedHeaderName($request::HEADER_CLIENT_HOST, $host_header);
$port_header = $this->settings->get('reverse_proxy_port_header', 'X_FORWARDED_PORT');
$request::setTrustedHeaderName($request::HEADER_CLIENT_PORT, $port_header);
$forwarded_header = $this->settings->get('reverse_proxy_forwarded_header', 'FORWARDED');
$request::setTrustedHeaderName($request::HEADER_FORWARDED, $forwarded_header);
$proxies = $this->settings->get('reverse_proxy_addresses', array());
if (count($proxies) > 0) {
$request::setTrustedProxies($proxies);
......
......@@ -66,13 +66,11 @@ public function reverseProxyEnabledProvider() {
return array(
array(
array(
'reverse_proxy_header' => 'HTTP_X_FORWARDED_FOR',
'reverse_proxy_addresses' => array(),
),
),
array(
array(
'reverse_proxy_header' => 'X_FORWARDED_HOST',
'reverse_proxy_header' => 'X_FORWARDED_FOR_CUSTOMIZED',
'reverse_proxy_proto_header' => 'X_FORWARDED_PROTO_CUSTOMIZED',
'reverse_proxy_host_header' => 'X_FORWARDED_HOST_CUSTOMIZED',
'reverse_proxy_port_header' => 'X_FORWARDED_PORT_CUSTOMIZED',
'reverse_proxy_forwarded_header' => 'FORWARDED_CUSTOMIZED',
'reverse_proxy_addresses' => array('127.0.0.2', '127.0.0.3'),
),
),
......@@ -95,6 +93,10 @@ protected function trustedHeadersAreSet(Settings $settings) {
$middleware->handle($request);
$this->assertSame($settings->get('reverse_proxy_header'), $request->getTrustedHeaderName($request::HEADER_CLIENT_IP));
$this->assertSame($settings->get('reverse_proxy_proto_header'), $request->getTrustedHeaderName($request::HEADER_CLIENT_PROTO));
$this->assertSame($settings->get('reverse_proxy_host_header'), $request->getTrustedHeaderName($request::HEADER_CLIENT_HOST));
$this->assertSame($settings->get('reverse_proxy_port_header'), $request->getTrustedHeaderName($request::HEADER_CLIENT_PORT));
$this->assertSame($settings->get('reverse_proxy_forwarded_header'), $request->getTrustedHeaderName($request::HEADER_FORWARDED));
$this->assertSame($settings->get('reverse_proxy_addresses'), $request->getTrustedProxies());
}
}
......@@ -369,7 +369,31 @@
* Set this value if your proxy server sends the client IP in a header
* other than X-Forwarded-For.
*/
# $settings['reverse_proxy_header'] = 'HTTP_X_CLUSTER_CLIENT_IP';
# $settings['reverse_proxy_header'] = 'X_CLUSTER_CLIENT_IP';
/**
* Set this value if your proxy server sends the client protocol in a header
* other than X-Forwarded-Proto.
*/
# $settings['reverse_proxy_proto_header'] = 'X_FORWARDED_PROTO';
/**
* Set this value if your proxy server sends the client protocol in a header
* other than X-Forwarded-Host.
*/
# $settings['reverse_proxy_host_header'] = 'X_FORWARDED_HOST';
/**
* Set this value if your proxy server sends the client protocol in a header
* other than X-Forwarded-Port.
*/
# $settings['reverse_proxy_port_header'] = 'X_FORWARDED_PORT';
/**
* Set this value if your proxy server sends the client protocol in a header
* other than Forwarded.
*/
# $settings['reverse_proxy_forwarded_header'] = 'FORWARDED';
/**
* Page caching:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment