@@ -24,19 +24,61 @@ Solution: ``setTrustedProxies()``
2424To fix this, you need to tell Symfony which reverse proxy IP addresses to trust
2525and what headers your reverse proxy uses to send information::
2626
27- .. config-block :: yaml
28-
29- # config/packages/framework.yaml
30- framework:
31- # ...
32- // the IP address (or range) of your proxy
33- trusted_proxies: '192.0.0.1,10.0.0.0/8'
34- // trust *all * "X-Forwarded-*" headers (the ! prefix means to not trust those headers)
35- trusted_headers: ['x-forwarded-all', '!x-forwarded-host', '!x-forwarded-prefix']
36- // or, if your proxy instead uses the "Forwarded" header
37- trusted_headers: ['forwarded', '!x-forwarded-host', '!x-forwarded-prefix']
38- // or, if you're using AWS ELB
39- trusted_headers: [!php/const Symfony\\ Component\\ HttpFoundation\\ Request::HEADER_X_FORWARDED_AWS_ELB, '!x-forwarded-host', '!x-forwarded-prefix']
27+ .. configuration-block ::
28+
29+ .. config-block :: yaml
30+
31+ # config/packages/framework.yaml
32+ framework:
33+ # ...
34+ // the IP address (or range) of your proxy
35+ trusted_proxies: '192.0.0.1,10.0.0.0/8'
36+ // trust *all * "X-Forwarded-*" headers (the ! prefix means to not trust those headers)
37+ trusted_headers: ['x-forwarded-all', '!x-forwarded-host', '!x-forwarded-prefix']
38+ // or, if your proxy instead uses the "Forwarded" header
39+ trusted_headers: ['forwarded', '!x-forwarded-host', '!x-forwarded-prefix']
40+ // or, if you're using AWS ELB
41+ trusted_headers: [!php/const Symfony\\ Component\\ HttpFoundation\\ Request::HEADER_X_FORWARDED_AWS_ELB, '!x-forwarded-host', '!x-forwarded-prefix']
42+
43+ .. config-block :: xml
44+
45+ <!-- config/packages/framework.xml -->
46+ <?xml version="1.0" encoding="UTF-8" ?>
47+ <container xmlns="http://symfony.com/schema/dic/services"
48+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
49+ xmlns:framework="http://symfony.com/schema/dic/symfony"
50+ xsi:schemaLocation="http://symfony.com/schema/dic/services
51+ https://symfony.com/schema/dic/services/services-1.0.xsd
52+ http://symfony.com/schema/dic/symfony
53+ https://symfony.com/schema/dic/symfony/symfony-1.0.xsd">
54+
55+ <framework:config>
56+ <!-- the IP address (or range) of your proxy -->
57+ <framework:trusted-proxies>192.0.0.1,10.0.0.0/8</framework:trusted-proxies>
58+ <!-- trust *all * "X-Forwarded-*" headers (the ! prefix means to not trust those headers) -->
59+ <framework:trusted-headers>['x-forwarded-all', '!x-forwarded-host', '!x-forwarded-prefix']</framework:trusted-headers>
60+ <!-- or, if your proxy instead uses the "Forwarded" header -->
61+ <framework:trusted-headers>['forwarded', '!x-forwarded-host', '!x-forwarded-prefix']</framework:trusted-headers>
62+ <!-- or, if you're using AWS ELB -->
63+ <framework:trusted-headers>[!php/const Symfony\\ Component\\ HttpFoundation\\ Request::HEADER_X_FORWARDED_AWS_ELB, '!x-forwarded-host', '!x-forwarded-prefix']</framework:trusted-headers>
64+ </framework:config>
65+ </container>
66+
67+ .. config-block :: php
68+
69+ // config/packages/framework.php
70+ use Symfony\C omponent\H ttpFoundation\R equest;
71+
72+ $container->loadFromExtension('framework', [
73+ // the IP address (or range) of your proxy
74+ 'trusted_proxies' => '192.0.0.1,10.0.0.0/8',
75+ // trust *all * "X-Forwarded-*" headers (the ! prefix means to not trust those headers)
76+ 'trusted_headers' => ['x-forwarded-all', '!x-forwarded-host', '!x-forwarded-prefix'],
77+ // or, if your proxy instead uses the "Forwarded" header
78+ 'trusted_headers' => ['forwarded', '!x-forwarded-host', '!x-forwarded-prefix'],
79+ // or, if you're using AWS ELB
80+ 'trusted_headers' => [Request::HEADER_X_FORWARDED_AWS_ELB, '!x-forwarded-host', '!x-forwarded-prefix'],
81+ ]);
4082
4183The Request object has several ``Request::HEADER_* `` constants that control exactly
4284*which * headers from your reverse proxy are trusted. The argument is a bit field,
0 commit comments