From e54036991cfdb8a7574ec463ba3e07d769a8a0d1 Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Fri, 13 Jan 2017 20:59:54 -0800
Subject: [PATCH] Updated trusted proxy config for newer version

---
 config/trustedproxy.php | 48 +++++++++++++++++++++++++++++++++++++----
 1 file changed, 44 insertions(+), 4 deletions(-)

diff --git a/config/trustedproxy.php b/config/trustedproxy.php
index 4026962719..d78ce5cdeb 100644
--- a/config/trustedproxy.php
+++ b/config/trustedproxy.php
@@ -9,15 +9,55 @@ return [
      * supported, along with CIDR notation.
      *
      * The "*" character is syntactic sugar
-     * within TrustedProxy to trust any proxy;
+     * within TrustedProxy to trust any proxy
+     * that connects directly to your server,
      * a requirement when you cannot know the address
      * of your proxy (e.g. if using Rackspace balancers).
+     *
+     * The "**" character is syntactic sugar within
+     * TrustedProxy to trust not just any proxy that
+     * connects directly to your server, but also
+     * proxies that connect to those proxies, and all
+     * the way back until you reach the original source
+     * IP. It will mean that $request->getClientIp()
+     * always gets the originating client IP, no matter
+     * how many proxies that client's request has
+     * subsequently passed through.
      */
     'proxies' => env('APP_TRUSTED_PROXIES') !== null ? explode(env('APP_TRUSTED_PROXIES'), ',') : '*',
 
     /*
-     * Or, to trust all proxies, uncomment this:
+     * Or, to trust all proxies that connect
+     * directly to your server, uncomment this:
      */
-     # 'proxies' => '*',
+    # 'proxies' => '*',
 
-];
\ No newline at end of file
+    /*
+     * Or, to trust ALL proxies, including those that
+     * are in a chain of fowarding, uncomment this:
+    */
+    # 'proxies' => '**',
+
+    /*
+     * Default Header Names
+     *
+     * Change these if the proxy does
+     * not send the default header names.
+     *
+     * Note that headers such as X-Forwarded-For
+     * are transformed to HTTP_X_FORWARDED_FOR format.
+     *
+     * The following are Symfony defaults, found in
+     * \Symfony\Component\HttpFoundation\Request::$trustedHeaders
+     *
+     * We may also want to add something like:
+     * \Illuminate\Http\Request::HEADER_CLIENT_PROTO => 'X_FORWARDED_SCHEME',
+     */
+    'headers' => [
+        \Illuminate\Http\Request::HEADER_CLIENT_IP    => 'X_FORWARDED_FOR',
+        \Illuminate\Http\Request::HEADER_CLIENT_HOST  => 'X_FORWARDED_HOST',
+        \Illuminate\Http\Request::HEADER_CLIENT_PROTO => 'X_FORWARDED_PROTO',
+        \Illuminate\Http\Request::HEADER_CLIENT_PORT  => 'X_FORWARDED_PORT',
+
+    ]
+];