Replace REMOTE_ADDR in trusted proxies with the current REMOTE_ADDR
This commit is contained in:
parent
41a450b727
commit
643c9ff257
@ -567,14 +567,22 @@ class Request
|
|||||||
*
|
*
|
||||||
* You should only list the reverse proxies that you manage directly.
|
* You should only list the reverse proxies that you manage directly.
|
||||||
*
|
*
|
||||||
* @param array $proxies A list of trusted proxies
|
* @param array $proxies A list of trusted proxies, the string 'REMOTE_ADDR' will be replaced with $_SERVER['REMOTE_ADDR']
|
||||||
* @param int $trustedHeaderSet A bit field of Request::HEADER_*, to set which headers to trust from your proxies
|
* @param int $trustedHeaderSet A bit field of Request::HEADER_*, to set which headers to trust from your proxies
|
||||||
*
|
*
|
||||||
* @throws \InvalidArgumentException When $trustedHeaderSet is invalid
|
* @throws \InvalidArgumentException When $trustedHeaderSet is invalid
|
||||||
*/
|
*/
|
||||||
public static function setTrustedProxies(array $proxies, int $trustedHeaderSet)
|
public static function setTrustedProxies(array $proxies, int $trustedHeaderSet)
|
||||||
{
|
{
|
||||||
self::$trustedProxies = $proxies;
|
self::$trustedProxies = array_reduce($proxies, function ($proxies, $proxy) {
|
||||||
|
if ('REMOTE_ADDR' !== $proxy) {
|
||||||
|
$proxies[] = $proxy;
|
||||||
|
} elseif (isset($_SERVER['REMOTE_ADDR'])) {
|
||||||
|
$proxies[] = $_SERVER['REMOTE_ADDR'];
|
||||||
|
}
|
||||||
|
|
||||||
|
return $proxies;
|
||||||
|
}, []);
|
||||||
self::$trustedHeaderSet = $trustedHeaderSet;
|
self::$trustedHeaderSet = $trustedHeaderSet;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2324,6 +2324,26 @@ class RequestTest extends TestCase
|
|||||||
|
|
||||||
$this->assertSame(80, $request->getPort());
|
$this->assertSame(80, $request->getPort());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @dataProvider trustedProxiesRemoteAddr
|
||||||
|
*/
|
||||||
|
public function testTrustedProxiesRemoteAddr($serverRemoteAddr, $trustedProxies, $result)
|
||||||
|
{
|
||||||
|
$_SERVER['REMOTE_ADDR'] = $serverRemoteAddr;
|
||||||
|
Request::setTrustedProxies($trustedProxies, Request::HEADER_X_FORWARDED_ALL);
|
||||||
|
$this->assertSame($result, Request::getTrustedProxies());
|
||||||
|
}
|
||||||
|
|
||||||
|
public function trustedProxiesRemoteAddr()
|
||||||
|
{
|
||||||
|
return [
|
||||||
|
['1.1.1.1', ['REMOTE_ADDR'], ['1.1.1.1']],
|
||||||
|
['1.1.1.1', ['REMOTE_ADDR', '2.2.2.2'], ['1.1.1.1', '2.2.2.2']],
|
||||||
|
[null, ['REMOTE_ADDR'], []],
|
||||||
|
[null, ['REMOTE_ADDR', '2.2.2.2'], ['2.2.2.2']],
|
||||||
|
];
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
class RequestContentProxy extends Request
|
class RequestContentProxy extends Request
|
||||||
|
Reference in New Issue
Block a user