Replace REMOTE_ADDR in trusted proxies with the current REMOTE_ADDR
This commit is contained in:
parent
41a450b727
commit
643c9ff257
@ -567,14 +567,22 @@ class Request
|
||||
*
|
||||
* You should only list the reverse proxies that you manage directly.
|
||||
*
|
||||
* @param array $proxies A list of trusted proxies
|
||||
* @param array $proxies A list of trusted proxies, the string 'REMOTE_ADDR' will be replaced with $_SERVER['REMOTE_ADDR']
|
||||
* @param int $trustedHeaderSet A bit field of Request::HEADER_*, to set which headers to trust from your proxies
|
||||
*
|
||||
* @throws \InvalidArgumentException When $trustedHeaderSet is invalid
|
||||
*/
|
||||
public static function setTrustedProxies(array $proxies, int $trustedHeaderSet)
|
||||
{
|
||||
self::$trustedProxies = $proxies;
|
||||
self::$trustedProxies = array_reduce($proxies, function ($proxies, $proxy) {
|
||||
if ('REMOTE_ADDR' !== $proxy) {
|
||||
$proxies[] = $proxy;
|
||||
} elseif (isset($_SERVER['REMOTE_ADDR'])) {
|
||||
$proxies[] = $_SERVER['REMOTE_ADDR'];
|
||||
}
|
||||
|
||||
return $proxies;
|
||||
}, []);
|
||||
self::$trustedHeaderSet = $trustedHeaderSet;
|
||||
}
|
||||
|
||||
|
@ -2324,6 +2324,26 @@ class RequestTest extends TestCase
|
||||
|
||||
$this->assertSame(80, $request->getPort());
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider trustedProxiesRemoteAddr
|
||||
*/
|
||||
public function testTrustedProxiesRemoteAddr($serverRemoteAddr, $trustedProxies, $result)
|
||||
{
|
||||
$_SERVER['REMOTE_ADDR'] = $serverRemoteAddr;
|
||||
Request::setTrustedProxies($trustedProxies, Request::HEADER_X_FORWARDED_ALL);
|
||||
$this->assertSame($result, Request::getTrustedProxies());
|
||||
}
|
||||
|
||||
public function trustedProxiesRemoteAddr()
|
||||
{
|
||||
return [
|
||||
['1.1.1.1', ['REMOTE_ADDR'], ['1.1.1.1']],
|
||||
['1.1.1.1', ['REMOTE_ADDR', '2.2.2.2'], ['1.1.1.1', '2.2.2.2']],
|
||||
[null, ['REMOTE_ADDR'], []],
|
||||
[null, ['REMOTE_ADDR', '2.2.2.2'], ['2.2.2.2']],
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
class RequestContentProxy extends Request
|
||||
|
Reference in New Issue
Block a user