The following header keys are supported:
* Request::HEADER_CLIENT_IP: defaults to X-Forwarded-For (see getClientIp())
* Request::HEADER_CLIENT_HOST: defaults to X-Forwarded-Host (see getHost())
* Request::HEADER_CLIENT_PORT: defaults to X-Forwarded-Port (see getPort())
* Request::HEADER_CLIENT_PROTO: defaults to X-Forwarded-Proto (see getScheme() and isSecure())
Setting an empty value disables the trusted header for the given key. These headers are only honoured when the request arrives from a trusted proxy (see setTrustedProxies()).
public static setTrustedHeaderName ( string $key, string $value )
$key | string | The header key |
$value | string | The header name |
/**
 * Passing a key that is not a known trusted-header key must raise an
 * exception instead of being accepted silently.
 *
 * @expectedException \InvalidArgumentException
 */
public function testSetTrustedProxiesInvalidHeaderName()
{
    Request::create('http://example.com/');

    // 'bogus name' is the invalid key under test; 'X_MY_FOR' is just a header name.
    Request::setTrustedHeaderName('bogus name', 'X_MY_FOR');
}
/**
 * Walks getClientIp(), getHost(), getPort() and isSecure() through each
 * proxy-trust configuration: none configured, explicitly empty, trusted
 * proxies with the default X_FORWARDED_* names, custom header names, and
 * header names disabled with null.
 *
 * NOTE(review): the trust configuration is static and the reset at the end
 * is skipped when an assertion fails, so a failure here can leak trusted
 * proxies or header names into later tests.
 */
public function testTrustedProxies()
{
    $req = Request::create('http://example.com/');
    $req->server->set('REMOTE_ADDR', '3.3.3.3');

    // Default forwarding headers plus a second, custom-named set.
    $incoming = array(
        'X_FORWARDED_FOR' => '1.1.1.1, 2.2.2.2',
        'X_FORWARDED_HOST' => 'foo.example.com, real.example.com:8080',
        'X_FORWARDED_PROTO' => 'https',
        'X_FORWARDED_PORT' => 443,
        'X_MY_FOR' => '3.3.3.3, 4.4.4.4',
        'X_MY_HOST' => 'my.example.com',
        'X_MY_PROTO' => 'http',
        'X_MY_PORT' => 81,
    );
    foreach ($incoming as $headerName => $headerValue) {
        $req->headers->set($headerName, $headerValue);
    }

    // no trusted proxies: forwarded headers are ignored, the peer address wins
    $this->assertEquals('3.3.3.3', $req->getClientIp());
    $this->assertEquals('example.com', $req->getHost());
    $this->assertEquals(80, $req->getPort());
    $this->assertFalse($req->isSecure());

    // disabling proxy trusting
    Request::setTrustedProxies(array());
    $this->assertEquals('3.3.3.3', $req->getClientIp());
    $this->assertEquals('example.com', $req->getHost());
    $this->assertEquals(80, $req->getPort());
    $this->assertFalse($req->isSecure());

    // trusted proxy via setTrustedProxies(): the peer (3.3.3.3) and 2.2.2.2
    // are trusted, so 1.1.1.1 is reported as the client
    Request::setTrustedProxies(array('3.3.3.3', '2.2.2.2'));
    $this->assertEquals('1.1.1.1', $req->getClientIp());
    $this->assertEquals('real.example.com', $req->getHost());
    $this->assertEquals(443, $req->getPort());
    $this->assertTrue($req->isSecure());

    // custom header names
    $customNames = array(
        array(Request::HEADER_CLIENT_IP, 'X_MY_FOR'),
        array(Request::HEADER_CLIENT_HOST, 'X_MY_HOST'),
        array(Request::HEADER_CLIENT_PORT, 'X_MY_PORT'),
        array(Request::HEADER_CLIENT_PROTO, 'X_MY_PROTO'),
    );
    foreach ($customNames as $pair) {
        Request::setTrustedHeaderName($pair[0], $pair[1]);
    }
    $this->assertEquals('4.4.4.4', $req->getClientIp());
    $this->assertEquals('my.example.com', $req->getHost());
    $this->assertEquals(81, $req->getPort());
    $this->assertFalse($req->isSecure());

    // disabling via empty header names: values fall back to the direct connection
    $headerKeys = array(
        Request::HEADER_CLIENT_IP,
        Request::HEADER_CLIENT_HOST,
        Request::HEADER_CLIENT_PORT,
        Request::HEADER_CLIENT_PROTO,
    );
    foreach ($headerKeys as $headerKey) {
        Request::setTrustedHeaderName($headerKey, null);
    }
    $this->assertEquals('3.3.3.3', $req->getClientIp());
    $this->assertEquals('example.com', $req->getHost());
    $this->assertEquals(80, $req->getPort());
    $this->assertFalse($req->isSecure());

    // reset the static configuration to the default header names
    Request::setTrustedProxies(array());
    $defaultNames = array(
        array(Request::HEADER_CLIENT_IP, 'X_FORWARDED_FOR'),
        array(Request::HEADER_CLIENT_HOST, 'X_FORWARDED_HOST'),
        array(Request::HEADER_CLIENT_PORT, 'X_FORWARDED_PORT'),
        array(Request::HEADER_CLIENT_PROTO, 'X_FORWARDED_PROTO'),
    );
    foreach ($defaultNames as $pair) {
        Request::setTrustedHeaderName($pair[0], $pair[1]);
    }
}
/**
 * Re-runs testESIHeaderIsKeptInSubrequest() with the client-IP trusted
 * header name set to an empty string, then puts the previous name back.
 */
public function testESIHeaderIsKeptInSubrequestWithTrustedHeaderDisabled()
{
    $previousName = Request::getTrustedHeaderName(Request::HEADER_CLIENT_IP);

    Request::setTrustedHeaderName(Request::HEADER_CLIENT_IP, '');
    $this->testESIHeaderIsKeptInSubrequest();

    // NOTE(review): not reached if the delegated test throws, in which case
    // the client-IP header stays disabled for whatever runs afterwards.
    Request::setTrustedHeaderName(Request::HEADER_CLIENT_IP, $previousName);
}
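<?php

use Shopware\Components\HttpCache\AppCache;
use Symfony\Component\HttpFoundation\Request;

// Front controller: boots the kernel, optionally wraps it in the HTTP cache,
// configures proxy trust and handles the current request.

/**
 * @var Composer\Autoload\ClassLoader
 */
$loader = (require __DIR__ . '/../app/autoload.php');

// getenv() returns false when SHOPWARE_ENV is unset. Without a fallback the
// `!== 'production'` comparison below evaluates to true for a deployment that
// simply forgot the variable (the second kernel argument is presumably the
// debug flag; confirm against AppKernel). Fail closed to 'production'.
$environment = getenv('SHOPWARE_ENV') ?: 'production';
$kernel = new AppKernel($environment, $environment !== 'production');

if ($kernel->isHttpCacheEnabled()) {
    $kernel = new AppCache($kernel, $kernel->getHttpCacheConfig());
}

$request = Request::createFromGlobals();

// Trust the heroku load balancer
// see: https://devcenter.heroku.com/articles/getting-started-with-symfony#trusting-the-load-balancer
//
// NOTE(review): this marks whichever peer opened the connection as a trusted
// proxy. That is only sound while the application is reachable exclusively
// through the load balancer. If it can be reached directly, every client is
// treated as a trusted proxy and the X-Forwarded-* values it sends are
// accepted as the client IP, host, port and scheme. Outside such a platform,
// list the proxy addresses or ranges explicitly instead.
Request::setTrustedProxies([$request->server->get('REMOTE_ADDR')]);

// Do not read the "Forwarded" header at all. Presumably the load balancer
// neither sets nor strips it, so a client-supplied value must not compete
// with the X-Forwarded-* headers; confirm against the platform documentation.
Request::setTrustedHeaderName(Request::HEADER_FORWARDED, null);

$response = $kernel->handle($request);
$response->send();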