mirror of
https://github.com/snipe/snipe-it.git
synced 2024-12-25 05:34:06 -08:00
Updated trustedproxy w/config
This commit is contained in:
parent
3d3ed6ab03
commit
60c4fa1d90
|
@ -1,14 +1,5 @@
|
|||
<?php
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| DO NOT EDIT THIS FILE DIRECTLY.
|
||||
|--------------------------------------------------------------------------
|
||||
| This file reads from your .env configuration file and should not
|
||||
| be modified directly.
|
||||
*/
|
||||
|
||||
|
||||
return [
|
||||
|
||||
/*
|
||||
|
@ -21,53 +12,34 @@ return [
|
|||
* within TrustedProxy to trust any proxy
|
||||
* that connects directly to your server,
|
||||
* a requirement when you cannot know the address
|
||||
* of your proxy (e.g. if using Rackspace balancers).
|
||||
* of your proxy (e.g. if using ELB or similar).
|
||||
*
|
||||
* The "**" character is syntactic sugar within
|
||||
* TrustedProxy to trust not just any proxy that
|
||||
* connects directly to your server, but also
|
||||
* proxies that connect to those proxies, and all
|
||||
* the way back until you reach the original source
|
||||
* IP. It will mean that $request->getClientIp()
|
||||
* always gets the originating client IP, no matter
|
||||
* how many proxies that client's request has
|
||||
* subsequently passed through.
|
||||
*/
|
||||
'proxies' => env('APP_TRUSTED_PROXIES') !== null ?
|
||||
explode(',', env('APP_TRUSTED_PROXIES')) : '*',
|
||||
'proxies' => null, // [<ip addresses>,], '*'
|
||||
|
||||
/*
|
||||
* To trust one or more specific proxies that connect
|
||||
* directly to your server, use an array of IP addresses:
|
||||
*/
|
||||
# 'proxies' => ['192.168.1.1'],
|
||||
|
||||
/*
|
||||
* Or, to trust all proxies that connect
|
||||
* directly to your server, uncomment this:
|
||||
* directly to your server, use a "*"
|
||||
*/
|
||||
// 'proxies' => '*',
|
||||
# 'proxies' => '*',
|
||||
|
||||
/*
|
||||
* Or, to trust ALL proxies, including those that
|
||||
* are in a chain of forwarding, uncomment this:
|
||||
*/
|
||||
// 'proxies' => '**',
|
||||
|
||||
/*
|
||||
* Default Header Names
|
||||
* Which headers to use to detect proxy related data (For, Host, Proto, Port)
|
||||
*
|
||||
* Change these if the proxy does
|
||||
* not send the default header names.
|
||||
* Options include:
|
||||
*
|
||||
* Note that headers such as X-Forwarded-For
|
||||
* are transformed to HTTP_X_FORWARDED_FOR format.
|
||||
* - Illuminate\Http\Request::HEADER_X_FORWARDED_ALL (use all x-forwarded-* headers to establish trust)
|
||||
* - Illuminate\Http\Request::HEADER_FORWARDED (use the FORWARDED header to establish trust)
|
||||
*
|
||||
* The following are Symfony defaults, found in
|
||||
* \Symfony\Component\HttpFoundation\Request::$trustedHeaders
|
||||
*
|
||||
* We may also want to add something like:
|
||||
* \Illuminate\Http\Request::HEADER_CLIENT_PROTO => 'X_FORWARDED_SCHEME',
|
||||
* @link https://symfony.com/doc/current/deployment/proxies.html
|
||||
*/
|
||||
'headers' => [
|
||||
\Illuminate\Http\Request::HEADER_CLIENT_IP => 'X_FORWARDED_FOR',
|
||||
\Illuminate\Http\Request::HEADER_CLIENT_HOST => 'X_FORWARDED_HOST',
|
||||
\Illuminate\Http\Request::HEADER_CLIENT_PROTO => 'X_FORWARDED_PROTO',
|
||||
\Illuminate\Http\Request::HEADER_CLIENT_PORT => 'X_FORWARDED_PORT',
|
||||
'headers' => Illuminate\Http\Request::HEADER_X_FORWARDED_ALL,
|
||||
|
||||
|
||||
]
|
||||
];
|
||||
|
|
Loading…
Reference in a new issue