[HttpFoundation] Add PRIVATE_SUBNETS as a shortcut for private IP address ranges to Request::setTrustedProxies()
#58154
Conversation
9033e91 to
dbe2679
Compare
dbe2679 to
8a27bd7
Compare
PRIVATE_SUBNETS as a shortcut for private IP address ranges to Request::setTrustedProxies()
8a27bd7 to
c69c923
Compare
src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
Show resolved
Hide resolved
c69c923 to
3fd2dd1
Compare
There was a problem hiding this comment.
While reading the code around, I realized that private_ranges for trusted proxies works only for explicit static configuration, aka env vars are not supported.
I fixed this by adding support for the PRIVATE_SUBNETS special value in setTrustedProxies, next to the already supported REMOTE_ADDR. Note the name and casing change, which look desired to me for consistency with REMOTE_ADDR. private_ranges is also supported for legacy reasons.
…ddress ranges to `Request::setTrustedProxies()`
3fd2dd1 to
6bd4b4a
Compare
| } | ||
| } | ||
|
|
||
| if (false !== ($i = array_search('PRIVATE_SUBNETS', $proxies, true)) || false !== ($i = array_search('private_ranges', $proxies, true))) { |
There was a problem hiding this comment.
should private_ranges be deprecated in favor of PRIVATE_SUBNETS or no ?
There was a problem hiding this comment.
I don't think it's worth the trouble for the community.
|
Hi, this improvement be retroactive up to and including 6.4, 7.0 and 7.1? |
|
New features are not backported to already released Symfony versions. You will have to upgrade to 7.2 to be able to use it. |
@nicolas-grekas sorry for the ping, will PRIVATE_SUBNETS and REMOTE_ADDR work with the new env vars SYMFONY_TRUSTED_PROXIES? |
|
They should yes. |
Let's save some memory allocations and callbacks when we can.
Tweaks #33574 and #52924