12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394 |
- <?php
- namespace Drupal\Core\StackMiddleware;
- use Drupal\Core\Site\Settings;
- use Symfony\Component\HttpFoundation\Request;
- use Symfony\Component\HttpKernel\HttpKernelInterface;
- /**
- * Provides support for reverse proxies.
- */
- class ReverseProxyMiddleware implements HttpKernelInterface {
- /**
- * The decorated kernel.
- *
- * @var \Symfony\Component\HttpKernel\HttpKernelInterface
- */
- protected $httpKernel;
- /**
- * The site settings.
- *
- * @var \Drupal\Core\Site\Settings
- */
- protected $settings;
- /**
- * Constructs a ReverseProxyMiddleware object.
- *
- * @param \Symfony\Component\HttpKernel\HttpKernelInterface $http_kernel
- * The decorated kernel.
- * @param \Drupal\Core\Site\Settings $settings
- * The site settings.
- */
- public function __construct(HttpKernelInterface $http_kernel, Settings $settings) {
- $this->httpKernel = $http_kernel;
- $this->settings = $settings;
- }
- /**
- * {@inheritdoc}
- */
- public function handle(Request $request, $type = self::MASTER_REQUEST, $catch = TRUE) {
- // Initialize proxy settings.
- static::setSettingsOnRequest($request, $this->settings);
- return $this->httpKernel->handle($request, $type, $catch);
- }
- /**
- * Sets reverse proxy settings on Request object.
- *
- * @param \Symfony\Component\HttpFoundation\Request $request
- * A Request instance.
- * @param \Drupal\Core\Site\Settings $settings
- * The site settings.
- */
- public static function setSettingsOnRequest(Request $request, Settings $settings) {
- // Initialize proxy settings.
- if ($settings->get('reverse_proxy', FALSE)) {
- $proxies = $settings->get('reverse_proxy_addresses', []);
- if (count($proxies) > 0) {
- $deprecated_settings = [
- 'reverse_proxy_header' => Request::HEADER_X_FORWARDED_FOR,
- 'reverse_proxy_proto_header' => Request::HEADER_X_FORWARDED_PROTO,
- 'reverse_proxy_host_header' => Request::HEADER_X_FORWARDED_HOST,
- 'reverse_proxy_port_header' => Request::HEADER_X_FORWARDED_PORT,
- 'reverse_proxy_forwarded_header' => Request::HEADER_FORWARDED,
- ];
- $all = $settings->getAll();
- // Set the default value. This is the most relaxed setting possible and
- // not recommended for production.
- $trusted_header_set = Request::HEADER_X_FORWARDED_ALL | Request::HEADER_FORWARDED;
- foreach ($deprecated_settings as $deprecated_setting => $bit_value) {
- if (array_key_exists($deprecated_setting, $all)) {
- @trigger_error(sprintf("The '%s' setting in settings.php is deprecated in Drupal 8.7.0 and will be removed before Drupal 9.0.0. Use the 'reverse_proxy_trusted_headers' setting instead. See https://www.drupal.org/node/3030558", $deprecated_setting), E_USER_DEPRECATED);
- $request::setTrustedHeaderName($bit_value, $all[$deprecated_setting]);
- if ($all[$deprecated_setting] === NULL) {
- // If the value is NULL do not trust the header.
- $trusted_header_set &= ~$bit_value;
- }
- }
- }
- $request::setTrustedProxies(
- $proxies,
- $settings->get('reverse_proxy_trusted_headers', $trusted_header_set)
- );
- }
- }
- }
- }
|