[FrameworkBundle][HttpKernel] Add support for SYMFONY_TRUSTED_PROXIES, SYMFONY_TRUSTED_HEADERS, SYMFONY_TRUST_X_SENDFILE_TYPE_HEADER and SYMFONY_TRUSTED_HOSTS env vars
#58161
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
f17dd43 to
4b817ea
Compare
nicolas-grekas
commented
Sep 3, 2024
src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
Show resolved
Hide resolved
stof
reviewed
Sep 3, 2024
| @@ -745,11 +745,30 @@ private function preBoot(): ContainerInterface | |||
| $container = $this->container; | |||
|
|
|||
| if ($container->hasParameter('kernel.trusted_hosts') && $trustedHosts = $container->getParameter('kernel.trusted_hosts')) { | |||
| Request::setTrustedHosts($trustedHosts); | |||
| Request::setTrustedHosts(\is_array($trustedHosts) ? $trustedHosts : preg_split('/\s*+,\s*+(?![^{]*})/', $trustedHosts)); | |||
There was a problem hiding this comment.
shouldn't this check that the parameter is a string before using preg_split on it ? Especially during booting, we need the code to be robust against unexpected parameter values (an old cache with an unsupported parameter might prevent you from running cache:clear in the prod environment)
There was a problem hiding this comment.
we don't do it for the other parameters so I didn't bother
4b817ea to
84d9347
Compare
f2433c0 to
f838316
Compare
|
PR ready ;) |
…S`, `SYMFONY_TRUSTED_HEADERS`, `SYMFONY_TRUST_X_SENDFILE_TYPE_HEADER` and `SYMFONY_TRUSTED_HOSTS` env vars
f838316 to
60bd068
Compare
fabpot
approved these changes
Sep 25, 2024
|
Thank you @nicolas-grekas. |
nicolas-grekas
added a commit
that referenced
this pull request
Oct 4, 2024
…ereguiluz) This PR was squashed before being merged into the 7.2 branch. Discussion ---------- [FrameworkBundle] Simplify the configuration class | Q | A | ------------- | --- | Branch? | 7.2 | Bug fix? | no | New feature? | no | Deprecations? | no | Issues | - | License | MIT Spotted while documenting #58161. Commits ------- 429fc32 [FrameworkBundle] Simplify the configuration class
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adding support for
SYMFONY_TRUSTED_PROXIES,SYMFONY_TRUSTED_HEADERS,SYMFONY_TRUST_X_SENDFILE_TYPE_HEADERandSYMFONY_TRUSTED_HOSTSenv vars.This PR proposes making the default configuration rely on these env var when the corresponding config options are not set.
This should make it easier to package or deploy Symfony apps together with a pre-configured web-server or reverse-proxy.