From 2ef48594668f3b85fec16d63152d092147a2f179 Mon Sep 17 00:00:00 2001
From: Alexey Skobkin
Date: Mon, 11 Jul 2022 00:47:02 +0300
Subject: [PATCH] Trusted proxies. (!11)

Reviewed-on: https://git.skobk.in/skobkin/magnetico-web/pulls/11
---
 .env | 4 ++++
 config/packages/framework.yaml | 3 +++
 2 files changed, 7 insertions(+)

diff --git a/.env b/.env
index 06386d7..8a0b331 100644
--- a/.env
+++ b/.env
@@ -42,3 +42,7 @@ MAILER_FROM=no-reply@magnetico-web.tld
 EWZ_RECAPTCHA_SITE_KEY=
 EWZ_RECAPTCHA_SECRET=
 ###< excelwebzone/recaptcha-bundle ###
+
+# Run this app only behind reverse-proxy if this is set!
+# https://symfony.com/doc/5.4/deployment/proxies.html#but-what-if-the-ip-of-my-reverse-proxy-changes-constantly
+TRUSTED_PROXIES=127.0.0.1
diff --git a/config/packages/framework.yaml b/config/packages/framework.yaml
index 7853e9e..968d6e0 100644
--- a/config/packages/framework.yaml
+++ b/config/packages/framework.yaml
@@ -4,6 +4,9 @@ framework:
 #csrf_protection: true
 http_method_override: false

+ # https://symfony.com/doc/5.4/deployment/proxies.html#but-what-if-the-ip-of-my-reverse-proxy-changes-constantly
+ trusted_proxies: '%env(TRUSTED_PROXIES)%'
+
 # Enables session support. Note that the session will ONLY be started if you read or write from it.
 # Remove or comment this section to explicitly disable session support.
 session:
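Review bot: In `.env`, the comment above `TRUSTED_PROXIES=127.0.0.1` warns to run behind a reverse proxy "if this is set", but the committed default always sets it, and the comment never says what the value controls or which values are safe. The linked section describes the `REMOTE_ADDR` setting, which trusts every direct peer, so an operator who follows the link on a deployment where the app port is reachable without the proxy lets clients supply their own `X-Forwarded-For` address. I would reword the comment to something like `# Comma-separated IPs/CIDRs of reverse proxies whose X-Forwarded-* headers are trusted; list only proxies you control.` followed by `# REMOTE_ADDR (see link) is safe only when the app is unreachable except through the proxy.` Anything that relies on the client IP, such as logging, rate limits or the reCAPTCHA check configured just above, inherits that trust decision.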
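Review bot: In `config/packages/framework.yaml`, `trusted_proxies` is added without a matching `trusted_headers` entry, so which forwarded headers are honoured from the trusted proxy is left to the framework default rather than stated in the config. Listing them explicitly keeps the trust boundary reviewable and limited to what the proxy actually overwrites, for example `trusted_headers: ['x-forwarded-for', 'x-forwarded-proto', 'x-forwarded-port']`; confirm that list against the headers your proxy sets. The comment above the new key is only a URL to the "proxy IP changes constantly" section, which does not describe the fixed-address default; a one-line comment such as `# Proxies allowed to set X-Forwarded-* headers; value comes from TRUSTED_PROXIES in .env` would be clearer. The `framework:` mapping continues outside the hunk.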