setTrustedHeaderName() public static method

The following header keys are supported: * Request::HEADER_CLIENT_IP: defaults to X-Forwarded-For (see getClientIp()) * Request::HEADER_CLIENT_HOST: defaults to X-Forwarded-Host (see getHost()) * Request::HEADER_CLIENT_PORT: defaults to X-Forwarded-Port (see getPort()) * Request::HEADER_CLIENT_PROTO: defaults to X-Forwarded-Proto (see getScheme() and isSecure()) Setting an empty value allows to disable the trusted header for the given key.
public static setTrustedHeaderName ( string $key, string $value )
$key string The header key
$value string The header name
Example #1
0
 * Setup the core service groups.
 * ----------------------------------------------------------------------------
 */
$list = new ProviderList($cms);
// Register events first so that they can be used by other providers.
$list->registerProvider($config->get('app.providers.core_events'));
// Register all other providers
$list->registerProviders($config->get('app.providers'));
/**
 * ----------------------------------------------------------------------------
 * Set trusted proxies and headers for the request
 * ----------------------------------------------------------------------------
 */
if ($proxyHeaders = $config->get('concrete.security.trusted_proxies.headers')) {
    foreach ($proxyHeaders as $key => $value) {
        Request::setTrustedHeaderName($key, $value);
    }
}
if ($trustedProxiesIps = $config->get('concrete.security.trusted_proxies.ips')) {
    Request::setTrustedProxies($trustedProxiesIps);
}
/**
 * ----------------------------------------------------------------------------
 * Legacy Definitions
 * ----------------------------------------------------------------------------
 */
define('APP_VERSION', $config->get('concrete.version'));
define('APP_CHARSET', $config->get('concrete.charset'));
try {
    define('BASE_URL', \Core::getApplicationURL());
} catch (\Exception $x) {
Example #2
0
|--------------------------------------------------------------------------
| Trust proxy headers
|--------------------------------------------------------------------------
|
| Checks if the site is behind a proxy server (or a load balancer) and
| set whether to trust the client IP sent in the request that comes via
| the proxy intermediary.
|
*/
if (Site::config('general')->proxy) {
    // Trust the client proxy address
    Request::setTrustedProxies(array(Request::getClientIp()));
    // Trust the client IP header
    Request::setTrustedHeaderName(\Symfony\Component\HttpFoundation\Request::HEADER_CLIENT_IP, 'X-Forwarded-For');
    // Trust the client protocol header
    Request::setTrustedHeaderName(\Symfony\Component\HttpFoundation\Request::HEADER_CLIENT_PROTO, 'X-Forwarded-Proto');
}
/*
|--------------------------------------------------------------------------
| Handle application errors
|--------------------------------------------------------------------------
|
| Shows custom screens for app errors. This is mainly done to show a
| friendly error message and to throw errors with ease from the view.
|
*/
App::error(function ($exception, $code) {
    // Set system in error state
    System::error(TRUE);
    // Get the exception instance
    $type = get_class($exception);