/**
* @author Nicolas Grekas <p@tchwork.com>
*
* @internal
*/
class SubRequestHandler{ public static function handle(HttpKernelInterface
$kernel, Request
$request, int
$type, bool
$catch): Response
{ // save global state related to trusted headers and proxies
$trustedProxies = Request::
getTrustedProxies();
$trustedHeaderSet = Request::
getTrustedHeaderSet();
// remove untrusted values
$remoteAddr =
$request->server->
get('REMOTE_ADDR'
);
if (!
$remoteAddr || !IpUtils::
checkIp($remoteAddr,
$trustedProxies)) { $trustedHeaders =
[ 'FORWARDED' =>
$trustedHeaderSet & Request::HEADER_FORWARDED,
'X_FORWARDED_FOR' =>
$trustedHeaderSet & Request::HEADER_X_FORWARDED_FOR,
'X_FORWARDED_HOST' =>
$trustedHeaderSet & Request::HEADER_X_FORWARDED_HOST,
'X_FORWARDED_PROTO' =>
$trustedHeaderSet & Request::HEADER_X_FORWARDED_PROTO,
'X_FORWARDED_PORT' =>
$trustedHeaderSet & Request::HEADER_X_FORWARDED_PORT,
'X_FORWARDED_PREFIX' =>
$trustedHeaderSet & Request::HEADER_X_FORWARDED_PREFIX,
];