diff --git a/.env.example b/.env.example index dcc1a412df..c67ba1d5e5 100644 --- a/.env.example +++ b/.env.example @@ -74,3 +74,4 @@ AWS_BUCKET=null APP_LOG=single APP_LOCKED=false FILESYSTEM_DISK=local +APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1 \ No newline at end of file diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index 6ae3870c11..2e650bc671 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -21,6 +21,7 @@ class Kernel extends HttpKernel \App\Http\Middleware\XssProtectHeader::class, \App\Http\Middleware\NosniffGuard::class, \App\Http\Middleware\CheckForSetup::class, + \Fideloper\Proxy\TrustProxies::class, ]; /** diff --git a/composer.json b/composer.json index b43fb683a7..e0901225c5 100644 --- a/composer.json +++ b/composer.json @@ -11,7 +11,7 @@ "league/csv": "~7.0", "maknz/slack": "dev-master", "erusev/parsedown": "dev-master", - "fideloper/proxy": "2.1.1", + "fideloper/proxy": "^3.1", "guzzlehttp/guzzle": "5.3.0", "aws/aws-sdk-php-laravel": "~3.0", "tecnickcom/tc-lib-barcode": "dev-master", diff --git a/composer.lock b/composer.lock index f161f88ee6..3bfc40846d 100644 --- a/composer.lock +++ b/composer.lock @@ -4,8 +4,8 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "hash": "abd2bfc01b3565b7dd1f6aac9e9311b1", - "content-hash": "21294a0f9fd03e194e64084844a1d380", + "hash": "11dadd0d32641538b6855a62bc083aa2", + "content-hash": "dd7dd05440de96bf23863dec984217af", "packages": [ { "name": "aws/aws-sdk-php", @@ -792,31 +792,35 @@ }, { "name": "fideloper/proxy", - "version": "2.1.1", + "version": "3.1.0", "source": { "type": "git", "url": "https://github.com/fideloper/TrustedProxy.git", - "reference": "a0ec0f35c82dceecc0d8975f29e6e8e85acbd419" + "reference": "ec4dd30141e2515e307aea3539ff242e85c3f120" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/fideloper/TrustedProxy/zipball/a0ec0f35c82dceecc0d8975f29e6e8e85acbd419", - "reference": "a0ec0f35c82dceecc0d8975f29e6e8e85acbd419", + "url": "https://api.github.com/repos/fideloper/TrustedProxy/zipball/ec4dd30141e2515e307aea3539ff242e85c3f120", + "reference": "ec4dd30141e2515e307aea3539ff242e85c3f120", "shasum": "" }, "require": { - "illuminate/support": "~4.0|~5.0", - "php": ">=5.3.0" + "illuminate/contracts": "~5.0", + "php": ">=5.4.0" + }, + "require-dev": { + "illuminate/http": "~5.0", + "mockery/mockery": "~0.9.3" }, "type": "library", "extra": { "branch-alias": { - "dev-master": "2.0-dev" + "dev-master": "3.1-dev" } }, "autoload": { - "psr-0": { - "Fideloper\\Proxy": "src/" + "psr-4": { + "Fideloper\\Proxy\\": "src/" } }, "notification-url": "https://packagist.org/downloads/", @@ -835,7 +839,7 @@ "proxy", "trusted proxy" ], - "time": "2014-11-20 02:20:43" + "time": "2015-12-24 15:02:55" }, { "name": "guzzlehttp/guzzle", diff --git a/config/app.php b/config/app.php index 4841c56507..a55ce60c0a 100644 --- a/config/app.php +++ b/config/app.php @@ -196,6 +196,7 @@ return [ Intervention\Image\ImageServiceProvider::class, Collective\Html\HtmlServiceProvider::class, Spatie\Backup\BackupServiceProvider::class, + Fideloper\Proxy\TrustedProxyServiceProvider::class, /* * Custom service provider diff --git a/config/trustedproxy.php b/config/trustedproxy.php new file mode 100644 index 0000000000..4026962719 --- /dev/null +++ b/config/trustedproxy.php @@ -0,0 +1,23 @@ + env('APP_TRUSTED_PROXIES') !== null ? explode(env('APP_TRUSTED_PROXIES'), ',') : '*', + + /* + * Or, to trust all proxies, uncomment this: + */ + # 'proxies' => '*', + +]; \ No newline at end of file