Skip to content

Commit 8dcbaa5

Browse files
javiereguiluzjaviereguiluz
committed
Minor reword
1 parent 7f65dc8 commit 8dcbaa5

File tree

1 file changed

+14
-10
lines changed

1 file changed

+14
-10
lines changed

deployment/proxies.rst

+14-10
Original file line numberDiff line numberDiff line change
@@ -137,23 +137,27 @@ these (see ":doc:`/components/http_foundation/trusting_proxies`").
137137

138138
The code for doing this will need to live in your front controller (e.g. ``web/app.php``).
139139

140+
My Reverse Proxy Does not Provide All the Standards Headers
141+
-----------------------------------------------------------
140142

141-
My Reverse Proxy do not provide all the standards headers
142-
---------------------------------------------------------
143-
For example, as AWS Elastic Load Balancing provide standard header but no X-Forwarded-Host and X-Forwarded, you should use this configuration your front controller::
144-
.. code-block:: diff
143+
AWS Elastic Load Balancing for example does not provide the ``X-Forwarded-Host``
144+
and ``X-Forwarded`` HTTP headers, so you must make the following changes in the
145+
front controller::
146+
147+
.. code-block:: diff
145148

146149
// web/app.php
147150

148151
// ...
149152
$request = Request::createFromGlobals();
150-
+ Request::setTrustedProxies(array('127.0.0.1', $request->server->get('REMOTE_ADDR'))); //be very careful with this line, see the above chapter "But what if the IP of my Reverse Proxy Changes Constantly!"
151-
+
152-
+ Request::setTrustedHeaderName(Request::HEADER_CLIENT_HOST, null);// AWS ELB doesn't send X-Forwarded-Host
153-
+ Request::setTrustedHeaderName(Request::HEADER_FORWARDED, null);// AWS ELB doesn't use RFC 7239
154-
153+
// be very careful with the next line; see "But what if the IP of my Reverse Proxy Changes Constantly!"
154+
+ Request::setTrustedProxies(array('127.0.0.1', $request->server->get('REMOTE_ADDR')));
155+
// the next line is needed because AWS ELB doesn't send X-Forwarded-Host
156+
+ Request::setTrustedHeaderName(Request::HEADER_CLIENT_HOST, null);
157+
// the next line is needed because AWS ELB doesn't use RFC 7239
158+
+ Request::setTrustedHeaderName(Request::HEADER_FORWARDED, null);
159+
155160
// ...
156-
157161

158162
.. _`security groups`: http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-groups.html
159163
.. _`RFC 7239`: http://tools.ietf.org/html/rfc7239

0 commit comments

Comments
 (0)