mirror of
https://github.com/snipe/snipe-it.git
synced 2025-01-11 22:07:29 -08:00
Fix reverse proxy support
Reintroducing trusted proxies via fideloper/proxy: * Upgraded fideloper/proxy to 3.1 * Added fideloper/proxy to Http/Kernel.php * Added fideloper/proxy to config/app.php * Added environment variable APP_TRUSTED_PROXIES to env (with '*' being the default fallback)
This commit is contained in:
parent
412756b651
commit
8d03668d78
|
@ -74,3 +74,4 @@ AWS_BUCKET=null
|
||||||
APP_LOG=single
|
APP_LOG=single
|
||||||
APP_LOCKED=false
|
APP_LOCKED=false
|
||||||
FILESYSTEM_DISK=local
|
FILESYSTEM_DISK=local
|
||||||
|
APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
|
|
@ -21,6 +21,7 @@ class Kernel extends HttpKernel
|
||||||
\App\Http\Middleware\XssProtectHeader::class,
|
\App\Http\Middleware\XssProtectHeader::class,
|
||||||
\App\Http\Middleware\NosniffGuard::class,
|
\App\Http\Middleware\NosniffGuard::class,
|
||||||
\App\Http\Middleware\CheckForSetup::class,
|
\App\Http\Middleware\CheckForSetup::class,
|
||||||
|
\Fideloper\Proxy\TrustProxies::class,
|
||||||
];
|
];
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -11,7 +11,7 @@
|
||||||
"league/csv": "~7.0",
|
"league/csv": "~7.0",
|
||||||
"maknz/slack": "dev-master",
|
"maknz/slack": "dev-master",
|
||||||
"erusev/parsedown": "dev-master",
|
"erusev/parsedown": "dev-master",
|
||||||
"fideloper/proxy": "2.1.1",
|
"fideloper/proxy": "^3.1",
|
||||||
"guzzlehttp/guzzle": "5.3.0",
|
"guzzlehttp/guzzle": "5.3.0",
|
||||||
"aws/aws-sdk-php-laravel": "~3.0",
|
"aws/aws-sdk-php-laravel": "~3.0",
|
||||||
"tecnickcom/tc-lib-barcode": "dev-master",
|
"tecnickcom/tc-lib-barcode": "dev-master",
|
||||||
|
|
28
composer.lock
generated
28
composer.lock
generated
|
@ -4,8 +4,8 @@
|
||||||
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
|
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
|
||||||
"This file is @generated automatically"
|
"This file is @generated automatically"
|
||||||
],
|
],
|
||||||
"hash": "abd2bfc01b3565b7dd1f6aac9e9311b1",
|
"hash": "11dadd0d32641538b6855a62bc083aa2",
|
||||||
"content-hash": "21294a0f9fd03e194e64084844a1d380",
|
"content-hash": "dd7dd05440de96bf23863dec984217af",
|
||||||
"packages": [
|
"packages": [
|
||||||
{
|
{
|
||||||
"name": "aws/aws-sdk-php",
|
"name": "aws/aws-sdk-php",
|
||||||
|
@ -792,31 +792,35 @@
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "fideloper/proxy",
|
"name": "fideloper/proxy",
|
||||||
"version": "2.1.1",
|
"version": "3.1.0",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/fideloper/TrustedProxy.git",
|
"url": "https://github.com/fideloper/TrustedProxy.git",
|
||||||
"reference": "a0ec0f35c82dceecc0d8975f29e6e8e85acbd419"
|
"reference": "ec4dd30141e2515e307aea3539ff242e85c3f120"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/fideloper/TrustedProxy/zipball/a0ec0f35c82dceecc0d8975f29e6e8e85acbd419",
|
"url": "https://api.github.com/repos/fideloper/TrustedProxy/zipball/ec4dd30141e2515e307aea3539ff242e85c3f120",
|
||||||
"reference": "a0ec0f35c82dceecc0d8975f29e6e8e85acbd419",
|
"reference": "ec4dd30141e2515e307aea3539ff242e85c3f120",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
"illuminate/support": "~4.0|~5.0",
|
"illuminate/contracts": "~5.0",
|
||||||
"php": ">=5.3.0"
|
"php": ">=5.4.0"
|
||||||
|
},
|
||||||
|
"require-dev": {
|
||||||
|
"illuminate/http": "~5.0",
|
||||||
|
"mockery/mockery": "~0.9.3"
|
||||||
},
|
},
|
||||||
"type": "library",
|
"type": "library",
|
||||||
"extra": {
|
"extra": {
|
||||||
"branch-alias": {
|
"branch-alias": {
|
||||||
"dev-master": "2.0-dev"
|
"dev-master": "3.1-dev"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"autoload": {
|
"autoload": {
|
||||||
"psr-0": {
|
"psr-4": {
|
||||||
"Fideloper\\Proxy": "src/"
|
"Fideloper\\Proxy\\": "src/"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"notification-url": "https://packagist.org/downloads/",
|
"notification-url": "https://packagist.org/downloads/",
|
||||||
|
@ -835,7 +839,7 @@
|
||||||
"proxy",
|
"proxy",
|
||||||
"trusted proxy"
|
"trusted proxy"
|
||||||
],
|
],
|
||||||
"time": "2014-11-20 02:20:43"
|
"time": "2015-12-24 15:02:55"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "guzzlehttp/guzzle",
|
"name": "guzzlehttp/guzzle",
|
||||||
|
|
|
@ -196,6 +196,7 @@ return [
|
||||||
Intervention\Image\ImageServiceProvider::class,
|
Intervention\Image\ImageServiceProvider::class,
|
||||||
Collective\Html\HtmlServiceProvider::class,
|
Collective\Html\HtmlServiceProvider::class,
|
||||||
Spatie\Backup\BackupServiceProvider::class,
|
Spatie\Backup\BackupServiceProvider::class,
|
||||||
|
Fideloper\Proxy\TrustedProxyServiceProvider::class,
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Custom service provider
|
* Custom service provider
|
||||||
|
|
23
config/trustedproxy.php
Normal file
23
config/trustedproxy.php
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
return [
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Set trusted proxy IP addresses.
|
||||||
|
*
|
||||||
|
* Both IPv4 and IPv6 addresses are
|
||||||
|
* supported, along with CIDR notation.
|
||||||
|
*
|
||||||
|
* The "*" character is syntactic sugar
|
||||||
|
* within TrustedProxy to trust any proxy;
|
||||||
|
* a requirement when you cannot know the address
|
||||||
|
* of your proxy (e.g. if using Rackspace balancers).
|
||||||
|
*/
|
||||||
|
'proxies' => env('APP_TRUSTED_PROXIES') !== null ? explode(env('APP_TRUSTED_PROXIES'), ',') : '*',
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Or, to trust all proxies, uncomment this:
|
||||||
|
*/
|
||||||
|
# 'proxies' => '*',
|
||||||
|
|
||||||
|
];
|
Loading…
Reference in a new issue