Make sure HttpCache is a trusted proxy
This commit is contained in:
parent
7b6161cec6
commit
ca65362b9b
@ -462,6 +462,12 @@ class HttpCache implements HttpKernelInterface, TerminableInterface
|
|||||||
// is always called from the same process as the backend.
|
// is always called from the same process as the backend.
|
||||||
$request->server->set('REMOTE_ADDR', '127.0.0.1');
|
$request->server->set('REMOTE_ADDR', '127.0.0.1');
|
||||||
|
|
||||||
|
// make sure HttpCache is a trusted proxy
|
||||||
|
if (!in_array('127.0.0.1', $trustedProxies = Request::getTrustedProxies())) {
|
||||||
|
$trustedProxies[] = '127.0.0.1';
|
||||||
|
Request::setTrustedProxies($trustedProxies);
|
||||||
|
}
|
||||||
|
|
||||||
// always a "master" request (as the real master request can be in cache)
|
// always a "master" request (as the real master request can be in cache)
|
||||||
$response = $this->kernel->handle($request, HttpKernelInterface::MASTER_REQUEST, $catch);
|
$response = $this->kernel->handle($request, HttpKernelInterface::MASTER_REQUEST, $catch);
|
||||||
// FIXME: we probably need to also catch exceptions if raw === true
|
// FIXME: we probably need to also catch exceptions if raw === true
|
||||||
|
@ -1155,6 +1155,28 @@ class HttpCacheTest extends HttpCacheTestCase
|
|||||||
$this->assertEquals('127.0.0.1', $this->kernel->getBackendRequest()->server->get('REMOTE_ADDR'));
|
$this->assertEquals('127.0.0.1', $this->kernel->getBackendRequest()->server->get('REMOTE_ADDR'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @dataProvider getTrustedProxyData
|
||||||
|
*/
|
||||||
|
public function testHttpCacheIsSetAsATrustedProxy(array $existing, array $expected)
|
||||||
|
{
|
||||||
|
Request::setTrustedProxies($existing);
|
||||||
|
|
||||||
|
$this->setNextResponse();
|
||||||
|
$this->request('GET', '/', array('REMOTE_ADDR' => '10.0.0.1'));
|
||||||
|
|
||||||
|
$this->assertEquals($expected, Request::getTrustedProxies());
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getTrustedProxyData()
|
||||||
|
{
|
||||||
|
return array(
|
||||||
|
array(array(), array('127.0.0.1')),
|
||||||
|
array(array('10.0.0.2'), array('10.0.0.2', '127.0.0.1')),
|
||||||
|
array(array('10.0.0.2', '127.0.0.1'), array('10.0.0.2', '127.0.0.1')),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @dataProvider getXForwardedForData
|
* @dataProvider getXForwardedForData
|
||||||
*/
|
*/
|
||||||
|
Reference in New Issue
Block a user