The following header keys are supported:
* Request::HEADER_CLIENT_IP: defaults to X-Forwarded-For (see getClientIp())
* Request::HEADER_CLIENT_HOST: defaults to X-Forwarded-Host (see getHost())
* Request::HEADER_CLIENT_PORT: defaults to X-Forwarded-Port (see getPort())
* Request::HEADER_CLIENT_PROTO: defaults to X-Forwarded-Proto (see getScheme() and isSecure())
Setting an empty value allows to disable the trusted header for the given key.
| public static setTrustedHeaderName ( string $key, string $value ) | ||
| $key | string | The header key |
| $value | string | The header name |
* Setup the core service groups.
* ----------------------------------------------------------------------------
*/
$list = new ProviderList($cms);
// Register events first so that they can be used by other providers.
$list->registerProvider($config->get('app.providers.core_events'));
// Register all other providers
$list->registerProviders($config->get('app.providers'));
/**
* ----------------------------------------------------------------------------
* Set trusted proxies and headers for the request
* ----------------------------------------------------------------------------
*/
if ($proxyHeaders = $config->get('concrete.security.trusted_proxies.headers')) {
foreach ($proxyHeaders as $key => $value) {
Request::setTrustedHeaderName($key, $value);
}
}
if ($trustedProxiesIps = $config->get('concrete.security.trusted_proxies.ips')) {
Request::setTrustedProxies($trustedProxiesIps);
}
/**
* ----------------------------------------------------------------------------
* Legacy Definitions
* ----------------------------------------------------------------------------
*/
define('APP_VERSION', $config->get('concrete.version'));
define('APP_CHARSET', $config->get('concrete.charset'));
try {
define('BASE_URL', \Core::getApplicationURL());
} catch (\Exception $x) {
|--------------------------------------------------------------------------
| Trust proxy headers
|--------------------------------------------------------------------------
|
| Checks if the site is behind a proxy server (or a load balancer) and
| set whether to trust the client IP sent in the request that comes via
| the proxy intermediary.
|
*/
if (Site::config('general')->proxy) {
// Trust the client proxy address
Request::setTrustedProxies(array(Request::getClientIp()));
// Trust the client IP header
Request::setTrustedHeaderName(\Symfony\Component\HttpFoundation\Request::HEADER_CLIENT_IP, 'X-Forwarded-For');
// Trust the client protocol header
Request::setTrustedHeaderName(\Symfony\Component\HttpFoundation\Request::HEADER_CLIENT_PROTO, 'X-Forwarded-Proto');
}
/*
|--------------------------------------------------------------------------
| Handle application errors
|--------------------------------------------------------------------------
|
| Shows custom screens for app errors. This is mainly done to show a
| friendly error message and to throw errors with ease from the view.
|
*/
App::error(function ($exception, $code) {
// Set system in error state
System::error(TRUE);
// Get the exception instance
$type = get_class($exception);
