[HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
This commit is contained in:
parent
cb12e323a5
commit
9a2b2de64f
@ -962,7 +962,7 @@ class Request
|
|||||||
{
|
{
|
||||||
if ($this->isFromTrustedProxy()) {
|
if ($this->isFromTrustedProxy()) {
|
||||||
if (self::$trustedHeaders[self::HEADER_CLIENT_PORT] && $port = $this->headers->get(self::$trustedHeaders[self::HEADER_CLIENT_PORT])) {
|
if (self::$trustedHeaders[self::HEADER_CLIENT_PORT] && $port = $this->headers->get(self::$trustedHeaders[self::HEADER_CLIENT_PORT])) {
|
||||||
return $port;
|
return (int) $port;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (self::$trustedHeaders[self::HEADER_CLIENT_PROTO] && 'https' === $this->headers->get(self::$trustedHeaders[self::HEADER_CLIENT_PROTO], 'http')) {
|
if (self::$trustedHeaders[self::HEADER_CLIENT_PROTO] && 'https' === $this->headers->get(self::$trustedHeaders[self::HEADER_CLIENT_PROTO], 'http')) {
|
||||||
@ -1211,9 +1211,9 @@ class Request
|
|||||||
public function getHost()
|
public function getHost()
|
||||||
{
|
{
|
||||||
if ($this->isFromTrustedProxy() && self::$trustedHeaders[self::HEADER_CLIENT_HOST] && $host = $this->headers->get(self::$trustedHeaders[self::HEADER_CLIENT_HOST])) {
|
if ($this->isFromTrustedProxy() && self::$trustedHeaders[self::HEADER_CLIENT_HOST] && $host = $this->headers->get(self::$trustedHeaders[self::HEADER_CLIENT_HOST])) {
|
||||||
$elements = explode(',', $host);
|
$elements = explode(',', $host, 2);
|
||||||
|
|
||||||
$host = $elements[count($elements) - 1];
|
$host = $elements[0];
|
||||||
} elseif (!$host = $this->headers->get('HOST')) {
|
} elseif (!$host = $this->headers->get('HOST')) {
|
||||||
if (!$host = $this->server->get('SERVER_NAME')) {
|
if (!$host = $this->server->get('SERVER_NAME')) {
|
||||||
$host = $this->server->get('SERVER_ADDR', '');
|
$host = $this->server->get('SERVER_ADDR', '');
|
||||||
|
@ -1631,7 +1631,7 @@ class RequestTest extends TestCase
|
|||||||
$request = Request::create('http://example.com/');
|
$request = Request::create('http://example.com/');
|
||||||
$request->server->set('REMOTE_ADDR', '3.3.3.3');
|
$request->server->set('REMOTE_ADDR', '3.3.3.3');
|
||||||
$request->headers->set('X_FORWARDED_FOR', '1.1.1.1, 2.2.2.2');
|
$request->headers->set('X_FORWARDED_FOR', '1.1.1.1, 2.2.2.2');
|
||||||
$request->headers->set('X_FORWARDED_HOST', 'foo.example.com, real.example.com:8080');
|
$request->headers->set('X_FORWARDED_HOST', 'foo.example.com:1234, real.example.com:8080');
|
||||||
$request->headers->set('X_FORWARDED_PROTO', 'https');
|
$request->headers->set('X_FORWARDED_PROTO', 'https');
|
||||||
$request->headers->set('X_FORWARDED_PORT', 443);
|
$request->headers->set('X_FORWARDED_PORT', 443);
|
||||||
$request->headers->set('X_MY_FOR', '3.3.3.3, 4.4.4.4');
|
$request->headers->set('X_MY_FOR', '3.3.3.3, 4.4.4.4');
|
||||||
@ -1662,7 +1662,7 @@ class RequestTest extends TestCase
|
|||||||
// trusted proxy via setTrustedProxies()
|
// trusted proxy via setTrustedProxies()
|
||||||
Request::setTrustedProxies(array('3.3.3.3', '2.2.2.2'));
|
Request::setTrustedProxies(array('3.3.3.3', '2.2.2.2'));
|
||||||
$this->assertEquals('1.1.1.1', $request->getClientIp());
|
$this->assertEquals('1.1.1.1', $request->getClientIp());
|
||||||
$this->assertEquals('real.example.com', $request->getHost());
|
$this->assertEquals('foo.example.com', $request->getHost());
|
||||||
$this->assertEquals(443, $request->getPort());
|
$this->assertEquals(443, $request->getPort());
|
||||||
$this->assertTrue($request->isSecure());
|
$this->assertTrue($request->isSecure());
|
||||||
|
|
||||||
|
Reference in New Issue
Block a user