diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

don't call getTrustedHeaderName() if possible

Browse Source
This commit is contained in:
Christian Flothmann 2017-05-23 13:49:26 +02:00
parent aef39bcee5
commit 6350dab5bf
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/Symfony/Component/HttpKernel/Fragment/InlineFragmentRenderer.php
View File

@ -119,7 +119,11 @@ class InlineFragmentRenderer extends RoutableFragmentRenderer
// Sub-request object will point to localhost as client ip and real client ip
// will be included into trusted header for client ip
try {
if ($trustedHeaderName = Request::getTrustedHeaderName(Request::HEADER_CLIENT_IP, false)) {
if (Request::HEADER_X_FORWARDED_FOR & Request::getTrustedHeaderSet()) {
$currentXForwardedFor = $request->headers->get('X_FORWARDED_FOR', '');
$server['HTTP_X_FORWARDED_FOR'] = ($currentXForwardedFor ? $currentXForwardedFor.', ' : '').$request->getClientIp();
} elseif (method_exists(Request::class, 'getTrustedHeaderName') && $trustedHeaderName = Request::getTrustedHeaderName(Request::HEADER_CLIENT_IP, false)) {
$currentXForwardedFor = $request->headers->get($trustedHeaderName, '');
$server['HTTP_'.$trustedHeaderName] = ($currentXForwardedFor ? $currentXForwardedFor.', ' : '').$request->getClientIp();