annotate core/lib/Drupal/Core/StackMiddleware/ReverseProxyMiddleware.php @ 19:fa3358dc1485 tip

Add ndrum files
author Chris Cannam
date Wed, 28 Aug 2019 13:14:47 +0100
parents af1871eacc83
children
rev   line source
Chris@0 1 <?php
Chris@0 2
Chris@0 3 namespace Drupal\Core\StackMiddleware;
Chris@0 4
Chris@0 5 use Drupal\Core\Site\Settings;
Chris@0 6 use Symfony\Component\HttpFoundation\Request;
Chris@0 7 use Symfony\Component\HttpKernel\HttpKernelInterface;
Chris@0 8
Chris@0 9 /**
Chris@0 10 * Provides support for reverse proxies.
Chris@0 11 */
Chris@0 12 class ReverseProxyMiddleware implements HttpKernelInterface {
Chris@0 13
Chris@0 14 /**
Chris@0 15 * The decorated kernel.
Chris@0 16 *
Chris@0 17 * @var \Symfony\Component\HttpKernel\HttpKernelInterface
Chris@0 18 */
Chris@0 19 protected $httpKernel;
Chris@0 20
Chris@0 21 /**
Chris@0 22 * The site settings.
Chris@0 23 *
Chris@0 24 * @var \Drupal\Core\Site\Settings
Chris@0 25 */
Chris@0 26 protected $settings;
Chris@0 27
Chris@0 28 /**
Chris@0 29 * Constructs a ReverseProxyMiddleware object.
Chris@0 30 *
Chris@0 31 * @param \Symfony\Component\HttpKernel\HttpKernelInterface $http_kernel
Chris@0 32 * The decorated kernel.
Chris@0 33 * @param \Drupal\Core\Site\Settings $settings
Chris@0 34 * The site settings.
Chris@0 35 */
Chris@0 36 public function __construct(HttpKernelInterface $http_kernel, Settings $settings) {
Chris@0 37 $this->httpKernel = $http_kernel;
Chris@0 38 $this->settings = $settings;
Chris@0 39 }
Chris@0 40
Chris@0 41 /**
Chris@0 42 * {@inheritdoc}
Chris@0 43 */
Chris@0 44 public function handle(Request $request, $type = self::MASTER_REQUEST, $catch = TRUE) {
Chris@0 45 // Initialize proxy settings.
Chris@0 46 static::setSettingsOnRequest($request, $this->settings);
Chris@0 47 return $this->httpKernel->handle($request, $type, $catch);
Chris@0 48 }
Chris@0 49
Chris@0 50 /**
Chris@0 51 * Sets reverse proxy settings on Request object.
Chris@0 52 *
Chris@0 53 * @param \Symfony\Component\HttpFoundation\Request $request
Chris@0 54 * A Request instance.
Chris@0 55 * @param \Drupal\Core\Site\Settings $settings
Chris@0 56 * The site settings.
Chris@0 57 */
Chris@0 58 public static function setSettingsOnRequest(Request $request, Settings $settings) {
Chris@0 59 // Initialize proxy settings.
Chris@0 60 if ($settings->get('reverse_proxy', FALSE)) {
Chris@0 61 $proxies = $settings->get('reverse_proxy_addresses', []);
Chris@0 62 if (count($proxies) > 0) {
Chris@18 63 $deprecated_settings = [
Chris@18 64 'reverse_proxy_header' => Request::HEADER_X_FORWARDED_FOR,
Chris@18 65 'reverse_proxy_proto_header' => Request::HEADER_X_FORWARDED_PROTO,
Chris@18 66 'reverse_proxy_host_header' => Request::HEADER_X_FORWARDED_HOST,
Chris@18 67 'reverse_proxy_port_header' => Request::HEADER_X_FORWARDED_PORT,
Chris@18 68 'reverse_proxy_forwarded_header' => Request::HEADER_FORWARDED,
Chris@18 69 ];
Chris@18 70
Chris@18 71 $all = $settings->getAll();
Chris@18 72 // Set the default value. This is the most relaxed setting possible and
Chris@18 73 // not recommended for production.
Chris@18 74 $trusted_header_set = Request::HEADER_X_FORWARDED_ALL | Request::HEADER_FORWARDED;
Chris@18 75 foreach ($deprecated_settings as $deprecated_setting => $bit_value) {
Chris@18 76 if (array_key_exists($deprecated_setting, $all)) {
Chris@18 77 @trigger_error(sprintf("The '%s' setting in settings.php is deprecated in Drupal 8.7.0 and will be removed before Drupal 9.0.0. Use the 'reverse_proxy_trusted_headers' setting instead. See https://www.drupal.org/node/3030558", $deprecated_setting), E_USER_DEPRECATED);
Chris@18 78 $request::setTrustedHeaderName($bit_value, $all[$deprecated_setting]);
Chris@18 79 if ($all[$deprecated_setting] === NULL) {
Chris@18 80 // If the value is NULL do not trust the header.
Chris@18 81 $trusted_header_set &= ~$bit_value;
Chris@18 82 }
Chris@18 83 }
Chris@18 84 }
Chris@18 85
Chris@18 86 $request::setTrustedProxies(
Chris@18 87 $proxies,
Chris@18 88 $settings->get('reverse_proxy_trusted_headers', $trusted_header_set)
Chris@18 89 );
Chris@0 90 }
Chris@0 91 }
Chris@0 92 }
Chris@0 93
Chris@0 94 }