diff --git a/src/Symfony/Bundle/FrameworkBundle/Resources/config/web.xml b/src/Symfony/Bundle/FrameworkBundle/Resources/config/web.xml index c1f73e5610..9b2f3cb3a4 100644 --- a/src/Symfony/Bundle/FrameworkBundle/Resources/config/web.xml +++ b/src/Symfony/Bundle/FrameworkBundle/Resources/config/web.xml @@ -46,9 +46,5 @@ - - - - diff --git a/src/Symfony/Bundle/FrameworkBundle/composer.json b/src/Symfony/Bundle/FrameworkBundle/composer.json index 8fdc4caf78..bcfce7b707 100644 --- a/src/Symfony/Bundle/FrameworkBundle/composer.json +++ b/src/Symfony/Bundle/FrameworkBundle/composer.json @@ -23,7 +23,7 @@ "symfony/event-dispatcher": "~2.5", "symfony/finder": "~2.0,>=2.0.5", "symfony/http-foundation": "~2.4.9|~2.5,>=2.5.4", - "symfony/http-kernel": "~2.7,>=2.7.15", + "symfony/http-kernel": "~2.7", "symfony/filesystem": "~2.3", "symfony/routing": "~2.6,>2.6.4", "symfony/security-core": "~2.6.13|~2.7.9|~2.8", diff --git a/src/Symfony/Component/HttpKernel/EventListener/ValidateRequestListener.php b/src/Symfony/Component/HttpKernel/EventListener/ValidateRequestListener.php deleted file mode 100644 index 6316b77ffe..0000000000 --- a/src/Symfony/Component/HttpKernel/EventListener/ValidateRequestListener.php +++ /dev/null 
@@ -1,56 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\HttpKernel\EventListener; - -use Symfony\Component\EventDispatcher\EventSubscriberInterface; -use Symfony\Component\HttpFoundation\Exception\ConflictingHeadersException; -use Symfony\Component\HttpKernel\Event\GetResponseEvent; -use Symfony\Component\HttpKernel\Exception\BadRequestHttpException; -use Symfony\Component\HttpKernel\KernelEvents; - -/** - * Validates that the headers and other information indicating the - * client IP address of a request are consistent. - * - * @author Magnus Nordlander - */ -class ValidateRequestListener implements EventSubscriberInterface -{ - /** - * Performs the validation. - * - * @param GetResponseEvent $event - */ - public function onKernelRequest(GetResponseEvent $event) - { - if ($event->isMasterRequest()) { - try { - // This will throw an exception if the headers are inconsistent. - $event->getRequest()->getClientIps(); - } catch (ConflictingHeadersException $e) { - throw new BadRequestHttpException('The request headers contain conflicting information regarding the origin of this request.', $e); - } - } - } - - /** - * {@inheritdoc} - */ - public static function getSubscribedEvents() - { - return array( - KernelEvents::REQUEST => array( - array('onKernelRequest', 256), - ), - ); - } -} diff --git a/src/Symfony/Component/HttpKernel/HttpKernel.php b/src/Symfony/Component/HttpKernel/HttpKernel.php index 1600b2ce59..2b8146127e 100644 --- a/src/Symfony/Component/HttpKernel/HttpKernel.php +++ b/src/Symfony/Component/HttpKernel/HttpKernel.php 
@@ -12,6 +12,7 @@ namespace Symfony\Component\HttpKernel; use Symfony\Component\HttpKernel\Controller\ControllerResolverInterface; +use Symfony\Component\HttpKernel\Exception\BadRequestHttpException; use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface; use Symfony\Component\HttpKernel\Event\FilterControllerEvent; @@ -21,6 +22,7 @@ use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\HttpKernel\Event\GetResponseForControllerResultEvent; use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent; use Symfony\Component\HttpKernel\Event\PostResponseEvent; +use Symfony\Component\HttpFoundation\Exception\ConflictingHeadersException; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\RequestStack; use Symfony\Component\HttpFoundation\Response; @@ -113,6 +115,13 @@ class HttpKernel implements HttpKernelInterface, TerminableInterface */ private function handleRaw(Request $request, $type = self::MASTER_REQUEST) { + if (self::MASTER_REQUEST === $type && $request::getTrustedProxies()) { + try { + $request->getClientIps(); + } catch (ConflictingHeadersException $e) { + throw new BadRequestHttpException('The request headers contain conflicting information regarding the origin of this request.', $e); + } + } $this->requestStack->push($request); // request diff --git a/src/Symfony/Component/HttpKernel/Tests/EventListener/ValidateRequestListenerTest.php b/src/Symfony/Component/HttpKernel/Tests/EventListener/ValidateRequestListenerTest.php deleted file mode 100644 index 78874ab73f..0000000000 --- a/src/Symfony/Component/HttpKernel/Tests/EventListener/ValidateRequestListenerTest.php +++ /dev/null 
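Review bot: In `handleRaw()` the new conflicting-header check throws before `$this->requestStack->push($request);`, so a `BadRequestHttpException` leaves the method with the current request never placed on the stack. The code that catches it is outside this hunk, but if it dispatches exception or finish-request listeners, or pops the stack, those would see no current request or pop an entry that belongs to a parent request. Moving the push above the `if` block, or converting `ConflictingHeadersException` at the point where exceptions are caught, avoids that and would also cover a `getClientIps()` call made later in the request (for example on a sub-request), which this up-front check does not. A one-line comment such as `// Header consistency only matters when proxy headers are trusted; reject conflicts with a 400 instead of a 500` would explain the `getTrustedProxies()` guard. The rest of `handleRaw()` continues past the end of the hunk.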
@@ -1,66 +0,0 @@ - - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\HttpKernel\Tests\EventListener; - -use Symfony\Component\EventDispatcher\EventDispatcher; -use Symfony\Component\HttpFoundation\Exception\ConflictingHeadersException; -use Symfony\Component\HttpKernel\EventListener\ValidateRequestListener; -use Symfony\Component\HttpKernel\Event\GetResponseEvent; -use Symfony\Component\HttpKernel\HttpKernelInterface; -use Symfony\Component\HttpKernel\KernelEvents; - -class ValidateRequestListenerTest extends \PHPUnit_Framework_TestCase -{ - public function testListenerThrowsWhenMasterRequestHasInconsistentClientIps() - { - $dispatcher = new EventDispatcher(); - $kernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'); - $listener = new ValidateRequestListener(); - $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - $request->method('getClientIps') - ->will($this->throwException(new ConflictingHeadersException())); - - $dispatcher->addListener(KernelEvents::REQUEST, array($listener, 'onKernelRequest')); - $event = new GetResponseEvent($kernel, $request, HttpKernelInterface::MASTER_REQUEST); - - $this->setExpectedException('Symfony\Component\HttpKernel\Exception\BadRequestHttpException'); - $dispatcher->dispatch(KernelEvents::REQUEST, $event); - } - - public function testListenerDoesNothingOnValidRequests() - { - $dispatcher = new EventDispatcher(); - $kernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'); - $listener = new ValidateRequestListener(); - $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - $request->method('getClientIps') - ->willReturn(array('127.0.0.1')); - - $dispatcher->addListener(KernelEvents::REQUEST, array($listener, 'onKernelRequest')); - $event = new GetResponseEvent($kernel, $request, HttpKernelInterface::MASTER_REQUEST); - 
$dispatcher->dispatch(KernelEvents::REQUEST, $event); - } - - public function testListenerDoesNothingOnSubrequests() - { - $dispatcher = new EventDispatcher(); - $kernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'); - $listener = new ValidateRequestListener(); - $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - $request->method('getClientIps') - ->will($this->throwException(new ConflictingHeadersException())); - - $dispatcher->addListener(KernelEvents::REQUEST, array($listener, 'onKernelRequest')); - $event = new GetResponseEvent($kernel, $request, HttpKernelInterface::SUB_REQUEST); - $dispatcher->dispatch(KernelEvents::REQUEST, $event); - } -} diff --git a/src/Symfony/Component/HttpKernel/Tests/HttpKernelTest.php b/src/Symfony/Component/HttpKernel/Tests/HttpKernelTest.php index 97e68f66f9..59c1d33425 100644 --- a/src/Symfony/Component/HttpKernel/Tests/HttpKernelTest.php +++ b/src/Symfony/Component/HttpKernel/Tests/HttpKernelTest.php 
@@ -271,6 +271,33 @@ class HttpKernelTest extends \PHPUnit_Framework_TestCase $kernel->handle($request, HttpKernelInterface::MASTER_REQUEST); } + /** + * @expectedException Symfony\Component\HttpKernel\Exception\BadRequestHttpException + */ + public function testInconsistentClientIpsOnMasterRequests() + { + $kernel = new HttpKernel(new EventDispatcher(), $this->getResolver()); + $request = new Request(); + $request->setTrustedProxies(array('1.1.1.1')); + $request->server->set('REMOTE_ADDR', '1.1.1.1'); + $request->headers->set('FORWARDED', '2.2.2.2'); + $request->headers->set('X_FORWARDED_FOR', '3.3.3.3'); + + $kernel->handle($request, $kernel::MASTER_REQUEST, false); + } + + public function testInconsistentClientIpsOnSubRequests() + { + $kernel = new HttpKernel(new EventDispatcher(), $this->getResolver()); + $request = new Request(); + $request->setTrustedProxies(array('1.1.1.1')); + $request->server->set('REMOTE_ADDR', '1.1.1.1'); + $request->headers->set('FORWARDED', '2.2.2.2'); + $request->headers->set('X_FORWARDED_FOR', '3.3.3.3'); + + $this->assertInstanceOf('Symfony\Component\HttpFoundation\Response', $kernel->handle($request, $kernel::SUB_REQUEST, false)); + } + protected function getResolver($controller = null) { if (null === $controller) { diff --git a/src/Symfony/Component/HttpKernel/composer.json b/src/Symfony/Component/HttpKernel/composer.json index 2c7c829989..1774b641e3 100644 --- a/src/Symfony/Component/HttpKernel/composer.json +++ b/src/Symfony/Component/HttpKernel/composer.json @@ -18,7 +18,7 @@ "require": { "php": ">=5.3.9", "symfony/event-dispatcher": "~2.6,>=2.6.7", - "symfony/http-foundation": "~2.7,>=2.7.15", + "symfony/http-foundation": "~2.7.15|~2.8.8", "symfony/debug": "~2.6,>=2.6.2", "psr/log": "~1.0" },
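Review bot: Both new tests call `$request->setTrustedProxies(array('1.1.1.1'))` and never undo it. The kernel reads that list through the static call `$request::getTrustedProxies()`, so it appears to be class-level state that stays set for every test that runs afterwards in the same process. Resetting it in a `tearDown()` with `Request::setTrustedProxies(array());` keeps the tests isolated. The `FORWARDED` value `'2.2.2.2'` is also not in the RFC 7239 `for=` form, so the conflict may be raised only because the header fails to parse; `'for=2.2.2.2'` would exercise a genuine disagreement with `X_FORWARDED_FOR`. A third case with no trusted proxies configured would pin the guard that skips the check.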