David A. Windham
david
/
laravel
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

add trust proxy middleware

Taylor Otwell 7 years ago
parent
864a82918e
commit
e23a1d284f
6 changed files with 41 additions and 10 deletions
Split View Show Diff Stats
  1. 1 0
      app/Http/Kernel.php
  2. 2 2
      app/Http/Middleware/EncryptCookies.php
  3. 2 2
      app/Http/Middleware/TrimStrings.php
  4. 29 0
      app/Http/Middleware/TrustProxies.php
  5. 2 2
      app/Http/Middleware/VerifyCsrfToken.php
  6. 5 4
      composer.json

+ 1 - 0
app/Http/Kernel.php
View File 

@@ -18,6 +18,7 @@ class Kernel extends HttpKernel
 
         \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
 
         \App\Http\Middleware\TrimStrings::class,
 
         \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
 
+        \App\Http\Middleware\TrustProxies::class,
 
     ];
 
 
     /**

+ 2 - 2
app/Http/Middleware/EncryptCookies.php
View File 

@@ -2,9 +2,9 @@
 
 
 namespace App\Http\Middleware;
 
 
-use Illuminate\Cookie\Middleware\EncryptCookies as BaseEncrypter;
 
+use Illuminate\Cookie\Middleware\EncryptCookies as Middleware;
 
 
-class EncryptCookies extends BaseEncrypter
 
+class EncryptCookies extends Middleware
 
 {
 
     /**
 
      * The names of the cookies that should not be encrypted.

+ 2 - 2
app/Http/Middleware/TrimStrings.php
View File 

@@ -2,9 +2,9 @@
 
 
 namespace App\Http\Middleware;
 
 
-use Illuminate\Foundation\Http\Middleware\TrimStrings as BaseTrimmer;
 
+use Illuminate\Foundation\Http\Middleware\TrimStrings as Middleware;
 
 
-class TrimStrings extends BaseTrimmer
 
+class TrimStrings extends Middleware
 
 {
 
     /**
 
      * The names of the attributes that should not be trimmed.

+ 29 - 0
app/Http/Middleware/TrustProxies.php
View File 

@@ -0,0 +1,29 @@
 
+<?php
 
+
 
+namespace App\Http\Middleware;
 
+
 
+use Illuminate\Http\Request;
 
+use Fideloper\Proxy\TrustProxies as Middleware;
 
+
 
+class TrustProxies extends Middleware
 
+{
 
+    /**
 
+     * The trusted proxies for the application.
 
+     *
 
+     * @var array
 
+     */
 
+    protected $proxies;
 
+
 
+    /**
 
+     * The proxy header mappings.
 
+     *
 
+     * @var array
 
+     */
 
+    protected $headers = [
 
+        Request::HEADER_FORWARDED => 'FORWARDED',
 
+        Request::HEADER_CLIENT_IP => 'X_FORWARDED_FOR',
 
+        Request::HEADER_CLIENT_HOST => 'X_FORWARDED_HOST',
 
+        Request::HEADER_CLIENT_PORT => 'X_FORWARDED_PORT',
 
+        Request::HEADER_CLIENT_PROTO => 'X_FORWARDED_PROTO',
 
+    ];
 
+}

+ 2 - 2
app/Http/Middleware/VerifyCsrfToken.php
View File 

@@ -2,9 +2,9 @@
 
 
 namespace App\Http\Middleware;
 
 
-use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier;
 
+use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
 
 
-class VerifyCsrfToken extends BaseVerifier
 
+class VerifyCsrfToken extends Middleware
 
 {
 
     /**
 
      * The URIs that should be excluded from CSRF verification.

+ 5 - 4
composer.json
View File 

@@ -5,14 +5,15 @@
 
     "license": "MIT",
 
     "type": "project",
 
     "require": {
 
-        "php": ">=5.6.4",
 
-        "laravel/framework": "5.4.*",
 
-        "laravel/tinker": "~1.0"
 
+        "php": ">=7.0.0",
 
+        "laravel/framework": "5.5.*",
 
+        "laravel/tinker": "~1.0",
 
+        "fideloper/proxy": "~3.3"
 
     },
 
     "require-dev": {
 
         "fzaninotto/faker": "~1.4",
 
         "mockery/mockery": "0.9.*",
 
-        "phpunit/phpunit": "~5.0"
 
+        "phpunit/phpunit": "~6.0"
 
     },
 
     "autoload": {
 
         "classmap": [