Mercurial > hg > cmmr2012-drupal-site
comparison core/lib/Drupal/Core/StackMiddleware/ReverseProxyMiddleware.php @ 5:12f9dff5fda9 tip
Update to Drupal core 8.7.1
| author | Chris Cannam |
|---|---|
| date | Thu, 09 May 2019 15:34:47 +0100 |
| parents | c75dbcec494b |
| children |
comparison
equal
deleted
inserted
replaced
| 4:a9cd425dd02b | 5:12f9dff5fda9 |
|---|---|
| 56 * The site settings. | 56 * The site settings. |
| 57 */ | 57 */ |
| 58 public static function setSettingsOnRequest(Request $request, Settings $settings) { | 58 public static function setSettingsOnRequest(Request $request, Settings $settings) { |
| 59 // Initialize proxy settings. | 59 // Initialize proxy settings. |
| 60 if ($settings->get('reverse_proxy', FALSE)) { | 60 if ($settings->get('reverse_proxy', FALSE)) { |
| 61 $ip_header = $settings->get('reverse_proxy_header', 'X_FORWARDED_FOR'); | |
| 62 $request::setTrustedHeaderName($request::HEADER_X_FORWARDED_FOR, $ip_header); | |
| 63 | |
| 64 $proto_header = $settings->get('reverse_proxy_proto_header', 'X_FORWARDED_PROTO'); | |
| 65 $request::setTrustedHeaderName($request::HEADER_X_FORWARDED_PROTO, $proto_header); | |
| 66 | |
| 67 $host_header = $settings->get('reverse_proxy_host_header', 'X_FORWARDED_HOST'); | |
| 68 $request::setTrustedHeaderName($request::HEADER_X_FORWARDED_HOST, $host_header); | |
| 69 | |
| 70 $port_header = $settings->get('reverse_proxy_port_header', 'X_FORWARDED_PORT'); | |
| 71 $request::setTrustedHeaderName($request::HEADER_X_FORWARDED_PORT, $port_header); | |
| 72 | |
| 73 $forwarded_header = $settings->get('reverse_proxy_forwarded_header', 'FORWARDED'); | |
| 74 $request::setTrustedHeaderName($request::HEADER_FORWARDED, $forwarded_header); | |
| 75 | |
| 76 $proxies = $settings->get('reverse_proxy_addresses', []); | 61 $proxies = $settings->get('reverse_proxy_addresses', []); |
| 77 if (count($proxies) > 0) { | 62 if (count($proxies) > 0) { |
| 78 $request::setTrustedProxies($proxies, Request::HEADER_X_FORWARDED_ALL | Request::HEADER_FORWARDED); | 63 $deprecated_settings = [ |
| 64 'reverse_proxy_header' => Request::HEADER_X_FORWARDED_FOR, | |
| 65 'reverse_proxy_proto_header' => Request::HEADER_X_FORWARDED_PROTO, | |
| 66 'reverse_proxy_host_header' => Request::HEADER_X_FORWARDED_HOST, | |
| 67 'reverse_proxy_port_header' => Request::HEADER_X_FORWARDED_PORT, | |
| 68 'reverse_proxy_forwarded_header' => Request::HEADER_FORWARDED, | |
| 69 ]; | |
| 70 | |
| 71 $all = $settings->getAll(); | |
| 72 // Set the default value. This is the most relaxed setting possible and | |
| 73 // not recommended for production. | |
| 74 $trusted_header_set = Request::HEADER_X_FORWARDED_ALL | Request::HEADER_FORWARDED; | |
| 75 foreach ($deprecated_settings as $deprecated_setting => $bit_value) { | |
| 76 if (array_key_exists($deprecated_setting, $all)) { | |
| 77 @trigger_error(sprintf("The '%s' setting in settings.php is deprecated in Drupal 8.7.0 and will be removed before Drupal 9.0.0. Use the 'reverse_proxy_trusted_headers' setting instead. See https://www.drupal.org/node/3030558", $deprecated_setting), E_USER_DEPRECATED); | |
| 78 $request::setTrustedHeaderName($bit_value, $all[$deprecated_setting]); | |
| 79 if ($all[$deprecated_setting] === NULL) { | |
| 80 // If the value is NULL do not trust the header. | |
| 81 $trusted_header_set &= ~$bit_value; | |
| 82 } | |
| 83 } | |
| 84 } | |
| 85 | |
| 86 $request::setTrustedProxies( | |
| 87 $proxies, | |
| 88 $settings->get('reverse_proxy_trusted_headers', $trusted_header_set) | |
| 89 ); | |
| 79 } | 90 } |
| 80 } | 91 } |
| 81 } | 92 } |
| 82 | 93 |
| 83 } | 94 } |