You are here

public static function ReverseProxyMiddleware::setSettingsOnRequest in Drupal 8

Same name and namespace in other branches
  1. 9 core/lib/Drupal/Core/StackMiddleware/ReverseProxyMiddleware.php \Drupal\Core\StackMiddleware\ReverseProxyMiddleware::setSettingsOnRequest()
  2. 10 core/lib/Drupal/Core/StackMiddleware/ReverseProxyMiddleware.php \Drupal\Core\StackMiddleware\ReverseProxyMiddleware::setSettingsOnRequest()

Sets reverse proxy settings on Request object.

Parameters

\Symfony\Component\HttpFoundation\Request $request: A Request instance.

\Drupal\Core\Site\Settings $settings: The site settings.

3 calls to ReverseProxyMiddleware::setSettingsOnRequest()
install_begin_request in core/includes/install.core.inc
Begins an installation request, modifying the installation state as needed.
ReverseProxyMiddleware::handle in core/lib/Drupal/Core/StackMiddleware/ReverseProxyMiddleware.php
Handles a Request to convert it to a Response.
UpdateKernel::handle in core/lib/Drupal/Core/Update/UpdateKernel.php
Handles a Request to convert it to a Response.

File

core/lib/Drupal/Core/StackMiddleware/ReverseProxyMiddleware.php, line 58

Class

ReverseProxyMiddleware
Provides support for reverse proxies.

Namespace

Drupal\Core\StackMiddleware

Code

public static function setSettingsOnRequest(Request $request, Settings $settings) {

  // Initialize proxy settings.
  if ($settings
    ->get('reverse_proxy', FALSE)) {
    $proxies = $settings
      ->get('reverse_proxy_addresses', []);
    if (count($proxies) > 0) {
      $deprecated_settings = [
        'reverse_proxy_header' => Request::HEADER_X_FORWARDED_FOR,
        'reverse_proxy_proto_header' => Request::HEADER_X_FORWARDED_PROTO,
        'reverse_proxy_host_header' => Request::HEADER_X_FORWARDED_HOST,
        'reverse_proxy_port_header' => Request::HEADER_X_FORWARDED_PORT,
        'reverse_proxy_forwarded_header' => Request::HEADER_FORWARDED,
      ];
      $all = $settings
        ->getAll();

      // Set the default value. This is the most relaxed setting possible and
      // not recommended for production.
      $trusted_header_set = Request::HEADER_X_FORWARDED_ALL | Request::HEADER_FORWARDED;
      foreach ($deprecated_settings as $deprecated_setting => $bit_value) {
        if (array_key_exists($deprecated_setting, $all)) {
          @trigger_error(sprintf("The '%s' setting in settings.php is deprecated in Drupal 8.7.0 and will be removed before Drupal 9.0.0. Use the 'reverse_proxy_trusted_headers' setting instead. See https://www.drupal.org/node/3030558", $deprecated_setting), E_USER_DEPRECATED);
          $request::setTrustedHeaderName($bit_value, $all[$deprecated_setting]);
          if ($all[$deprecated_setting] === NULL) {

            // If the value is NULL do not trust the header.
            $trusted_header_set &= ~$bit_value;
          }
        }
      }
      $request::setTrustedProxies($proxies, $settings
        ->get('reverse_proxy_trusted_headers', $trusted_header_set));
    }
  }
}