CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
setTrustedProxies example
if ($isMaintenancePageRoute) {
$request->attributes->set('_route', 'frontend.maintenance');
$request->attributes->set(SalesChannelRequest::ATTRIBUTE_IS_ALLOWED_IN_MAINTENANCE, true);
}
if ($useProxy) {
$proxyIp = '172.17.1.12';
$request->server->set('REMOTE_ADDR', $proxyIp);
$request->setTrustedProxies([$proxyIp], Request::HEADER_FORWARDED);
$request->headers->set('Forwarded', sprintf('by=%s;for=%s', $proxyIp, $clientIp));
} else {
$request->server->set('REMOTE_ADDR', $clientIp);
}
$request->attributes->set(SalesChannelRequest::ATTRIBUTE_IS_SALES_CHANNEL_REQUEST, $isSalesChannelRequest);
$request->attributes->set(SalesChannelRequest::ATTRIBUTE_SALES_CHANNEL_MAINTENANCE, $isMaintenanceModeActive);
$request->attributes->set(SalesChannelRequest::ATTRIBUTE_SALES_CHANNEL_MAINTENANCE_IP_WHITLELIST, json_encode($allowedIpAddresses, \JSON_THROW_ON_ERROR));
return $request;
}
}
public static function setSettingsOnRequest(Request $request, Settings $settings) {
// Initialize proxy settings. if ($settings->get('reverse_proxy', FALSE)) {
$proxies = $settings->get('reverse_proxy_addresses', []);
if (count($proxies) > 0) {
// Set the default value. This is the most relaxed setting possible and // not recommended for production. $trusted_header_set = Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_HOST | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO | Request::HEADER_FORWARDED;
$request::setTrustedProxies(
$proxies,
$settings->get('reverse_proxy_trusted_headers', $trusted_header_set)
);
}
}
}
}
$this->startTime = microtime(true);
}
$this->initializeBundles();
$this->initializeConfig();
if (!empty($this->config['phpsettings'])) {
$this->setPhpSettings($this->config['phpsettings']);
}
if ($trustedProxies = $this->config['trustedproxies']) {
SymfonyRequest::setTrustedProxies($trustedProxies, $this->config['trustedheaderset']);
}
}
/** * This wraps Shopware:run execution and does not execute * the default dispatching process from symfony. * Therefore: * Arguments are currently ignored. No dispatcher, no response handling. * Shopware instance returns currently the rendered response directly. * * {@inheritdoc} * * @return SymfonyResponse */
}
$this->initializeBundles();
$this->initializeConfig();
if (!empty($this->config['phpsettings'])) {
$this->setPhpSettings($this->config['phpsettings']);
}
if ($trustedProxies = $this->config['trustedproxies']) {
SymfonyRequest::setTrustedProxies($trustedProxies, $this->config['trustedheaderset']);
}
}
/** * This wraps Shopware:run execution and does not execute * the default dispatching process from symfony. * Therefore: * Arguments are currently ignored. No dispatcher, no response handling. * Shopware instance returns currently the rendered response directly. * * {@inheritdoc} * * @return SymfonyResponse */
use Symfony\Component\HttpFoundation\Exception\ConflictingHeadersException;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\HttpKernel\EventListener\ValidateRequestListener;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\HttpKernel\KernelEvents;
class ValidateRequestListenerTest extends TestCase
{
protected function tearDown(): void
{
Request::setTrustedProxies([], -1);
}
public function testListenerThrowsWhenMainRequestHasInconsistentClientIps()
{
$this->expectException(ConflictingHeadersException::class);
$dispatcher = new EventDispatcher();
$kernel = $this->createMock(HttpKernelInterface::class);
$request = new Request();
$request->setTrustedProxies(['1.1.1.1'], Request::HEADER_X_FORWARDED_FOR | Request::HEADER_FORWARDED);
$request->server->set('REMOTE_ADDR', '1.1.1.1');
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\HttpKernel\EventListener\ValidateRequestListener;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\HttpKernel\KernelEvents;
class ValidateRequestListenerTest extends TestCase
{
protected function tearDown(): void
{
Request::setTrustedProxies([], -1);
}
public function testListenerThrowsWhenMainRequestHasInconsistentClientIps()
{
$this->expectException(ConflictingHeadersException::class);
$dispatcher = new EventDispatcher();
$kernel = $this->createMock(HttpKernelInterface::class);
$request = new Request();
$request->setTrustedProxies(['1.1.1.1'], Request::HEADER_X_FORWARDED_FOR | Request::HEADER_FORWARDED);
$request->server->set('REMOTE_ADDR', '1.1.1.1');
class SubRequestHandlerTest extends TestCase
{
private static array $globalState;
protected function setUp(): void
{
self::$globalState = $this->getGlobalState();
}
protected function tearDown(): void
{
Request::setTrustedProxies(self::$globalState[0], self::$globalState[1]);
}
public function testTrustedHeadersAreKept()
{
Request::setTrustedProxies(['10.0.0.1'], -1);
$globalState = $this->getGlobalState();
$request = Request::create('/');
$request->server->set('REMOTE_ADDR', '10.0.0.1');
$request->headers->set('X-Forwarded-For', '10.0.0.2');
$request->headers->set('X-Forwarded-Host', 'Good');
{
private static array $globalState;
protected function setUp(): void
{
self::$globalState = $this->getGlobalState();
}
protected function tearDown(): void
{
Request::setTrustedProxies(self::$globalState[0], self::$globalState[1]);
}
public function testTrustedHeadersAreKept()
{
Request::setTrustedProxies(['10.0.0.1'], -1);
$globalState = $this->getGlobalState();
$request = Request::create('/');
$request->server->set('REMOTE_ADDR', '10.0.0.1');
$request->headers->set('X-Forwarded-For', '10.0.0.2');
$request->headers->set('X-Forwarded-Host', 'Good');
$subRequest->headers->set('forwarded', ['for="127.0.0.1";host="localhost";proto=http']);
$subRequest->server->set('HTTP_X_FORWARDED_FOR', '127.0.0.1');
$subRequest->server->set('HTTP_FORWARDED', 'for="127.0.0.1";host="localhost";proto=http');
$strategy = new InlineFragmentRenderer($this->getKernelExpectingRequest($subRequest));
$this->assertSame('foo', $strategy->render(new ControllerReference('main_controller', ['object' => $object], []), Request::create('/'))->getContent());
}
public function testRenderWithTrustedHeaderDisabled()
{
Request::setTrustedProxies([], 0);
$expectedSubRequest = Request::create('/');
$expectedSubRequest->headers->set('x-forwarded-for', ['127.0.0.1']);
$expectedSubRequest->server->set('HTTP_X_FORWARDED_FOR', '127.0.0.1');
$strategy = new InlineFragmentRenderer($this->getKernelExpectingRequest($expectedSubRequest));
$this->assertSame('foo', $strategy->render('/', Request::create('/'))->getContent());
Request::setTrustedProxies([], -1);
}
$subRequest->server->set('HTTP_X_FORWARDED_FOR', '127.0.0.1');
$subRequest->server->set('HTTP_FORWARDED', 'for="127.0.0.1";host="localhost";proto=http');
$strategy = new InlineFragmentRenderer($this->getKernelExpectingRequest($subRequest));
$this->assertSame('foo', $strategy->render(new ControllerReference('main_controller', ['object' => $object], []), Request::create('/'))->getContent());
}
public function testRenderWithTrustedHeaderDisabled()
{
Request::setTrustedProxies([], 0);
$expectedSubRequest = Request::create('/');
$expectedSubRequest->headers->set('x-forwarded-for', ['127.0.0.1']);
$expectedSubRequest->server->set('HTTP_X_FORWARDED_FOR', '127.0.0.1');
$strategy = new InlineFragmentRenderer($this->getKernelExpectingRequest($expectedSubRequest));
$this->assertSame('foo', $strategy->render('/', Request::create('/'))->getContent());
Request::setTrustedProxies([], -1);
}
$this->initializeBundles();
$this->initializeContainer();
$container = $this->container;
if ($container->hasParameter('kernel.trusted_hosts') && $trustedHosts = $container->getParameter('kernel.trusted_hosts')) {
Request::setTrustedHosts($trustedHosts);
}
if ($container->hasParameter('kernel.trusted_proxies') && $container->hasParameter('kernel.trusted_headers') && $trustedProxies = $container->getParameter('kernel.trusted_proxies')) {
Request::setTrustedProxies(\is_array($trustedProxies) ? $trustedProxies : array_map('trim', explode(',', $trustedProxies)), $container->getParameter('kernel.trusted_headers'));
}
return $container;
}
/** * Removes comments from a PHP source string. * * We don't use the PHP php_strip_whitespace() function * as we want the content to be readable and well-formatted. */
$this->initializeContainer();
$container = $this->container;
if ($container->hasParameter('kernel.trusted_hosts') && $trustedHosts = $container->getParameter('kernel.trusted_hosts')) {
Request::setTrustedHosts($trustedHosts);
}
if ($container->hasParameter('kernel.trusted_proxies') && $container->hasParameter('kernel.trusted_headers') && $trustedProxies = $container->getParameter('kernel.trusted_proxies')) {
Request::setTrustedProxies(\is_array($trustedProxies) ? $trustedProxies : array_map('trim', explode(',', $trustedProxies)), $container->getParameter('kernel.trusted_headers'));
}
return $container;
}
/** * Removes comments from a PHP source string. * * We don't use the PHP php_strip_whitespace() function * as we want the content to be readable and well-formatted. */
$this->kernel->assert(function D$backendRequest) {
$this->assertSame('127.0.0.1', $backendRequest->server->get('REMOTE_ADDR'));
});
}
/** * @dataProvider getTrustedProxyData */
public function testHttpCacheIsSetAsATrustedProxy(array $existing)
{
Request::setTrustedProxies($existing, Request::HEADER_X_FORWARDED_FOR);
$this->setNextResponse();
$this->request('GET', '/', ['REMOTE_ADDR' => '10.0.0.1']);
$this->assertSame($existing, Request::getTrustedProxies());
$existing = array_unique(array_merge($existing, ['127.0.0.1']));
$this->kernel->assert(function D$backendRequest) use ($existing) {
$this->assertSame($existing, Request::getTrustedProxies());
$this->assertsame('10.0.0.1', $backendRequest->getClientIp());
});
$this->assertSame('127.0.0.1', $backendRequest->server->get('REMOTE_ADDR'));
});
}
/** * @dataProvider getTrustedProxyData */
public function testHttpCacheIsSetAsATrustedProxy(array $existing)
{
Request::setTrustedProxies($existing, Request::HEADER_X_FORWARDED_FOR);
$this->setNextResponse();
$this->request('GET', '/', ['REMOTE_ADDR' => '10.0.0.1']);
$this->assertSame($existing, Request::getTrustedProxies());
$existing = array_unique(array_merge($existing, ['127.0.0.1']));
$this->kernel->assert(function D$backendRequest) use ($existing) {
$this->assertSame($existing, Request::getTrustedProxies());
$this->assertsame('10.0.0.1', $backendRequest->getClientIp());
});
if (file_exists($configEnv)) {
$dotenv = new Dotenv();
$dotenv->usePutenv(false)->load($configEnv);
}
$debug = true;
$kernel = new Kernel($_SERVER['APP_ENV'] ?? 'prod', $debug);
$trustedProxies = $_SERVER['TRUSTED_PROXIES'] ?? $_ENV['TRUSTED_PROXIES'] ?? false;
if ($trustedProxies) {
Request::setTrustedProxies(explode(',', $trustedProxies), Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO | Request::HEADER_X_FORWARDED_HOST);
}
$request = Request::createFromGlobals();
@set_time_limit(0);
@ignore_user_abort(true);
$response = $kernel->handle($request);
$response->send();
$dotenv = new Dotenv();
$dotenv->usePutenv(false)->load($configEnv);
}
$debug = true;
$kernel = new Kernel($_SERVER['APP_ENV'] ?? 'prod', $debug);
$trustedProxies = $_SERVER['TRUSTED_PROXIES'] ?? $_ENV['TRUSTED_PROXIES'] ?? false;
if ($trustedProxies) {
Request::setTrustedProxies(explode(',', $trustedProxies), Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO | Request::HEADER_X_FORWARDED_HOST);
}
$request = Request::createFromGlobals();
@set_time_limit(0);
@ignore_user_abort(true);
$response = $kernel->handle($request);
$response->send();
use Symfony\Component\HttpFoundation\ParameterBag;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\HttpFoundation\Session\Storage\MockArraySessionStorage;
class RequestTest extends TestCase
{
use ExpectDeprecationTrait;
protected function tearDown(): void
{
Request::setTrustedProxies([], -1);
Request::setTrustedHosts([]);
}
public function testInitialize()
{
$request = new Request();
$request->initialize(['foo' => 'bar']);
$this->assertEquals('bar', $request->query->get('foo'), '->initialize() takes an array of query parameters as its first argument');
$request->initialize([], ['foo' => 'bar']);
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\HttpFoundation\Session\Storage\MockArraySessionStorage;
class RequestTest extends TestCase
{
use ExpectDeprecationTrait;
protected function tearDown(): void
{
Request::setTrustedProxies([], -1);
Request::setTrustedHosts([]);
}
public function testInitialize()
{
$request = new Request();
$request->initialize(['foo' => 'bar']);
$this->assertEquals('bar', $request->query->get('foo'), '->initialize() takes an array of query parameters as its first argument');
$request->initialize([], ['foo' => 'bar']);
/** @var ContainerInterface $container */
$container = $this->container;
if ($container->hasParameter('kernel.trusted_hosts') && $trustedHosts = $container->getParameter('kernel.trusted_hosts')) {
Request::setTrustedHosts($trustedHosts);
}
if ($container->hasParameter('kernel.trusted_proxies') && $container->hasParameter('kernel.trusted_headers') && $trustedProxies = $container->getParameter('kernel.trusted_proxies')) {
\assert(\is_string($trustedProxies) || \is_array($trustedProxies));
$trustedHeaderSet = $container->getParameter('kernel.trusted_headers');
\assert(\is_int($trustedHeaderSet));
Request::setTrustedProxies(\is_array($trustedProxies) ? $trustedProxies : array_map('trim', explode(',', $trustedProxies)), $trustedHeaderSet);
}
foreach ($this->getBundles() as $bundle) {
$bundle->setContainer($this->container);
$bundle->boot();
}
$this->initializeDatabaseConnectionVariables();
$this->booted = true;
}
$container = $this->container;
if ($container->hasParameter('kernel.trusted_hosts') && $trustedHosts = $container->getParameter('kernel.trusted_hosts')) {
Request::setTrustedHosts($trustedHosts);
}
if ($container->hasParameter('kernel.trusted_proxies') && $container->hasParameter('kernel.trusted_headers') && $trustedProxies = $container->getParameter('kernel.trusted_proxies')) {
\assert(\is_string($trustedProxies) || \is_array($trustedProxies));
$trustedHeaderSet = $container->getParameter('kernel.trusted_headers');
\assert(\is_int($trustedHeaderSet));
Request::setTrustedProxies(\is_array($trustedProxies) ? $trustedProxies : array_map('trim', explode(',', $trustedProxies)), $trustedHeaderSet);
}
foreach ($this->getBundles() as $bundle) {
$bundle->setContainer($this->container);
$bundle->boot();
}
$this->initializeDatabaseConnectionVariables();
$this->booted = true;
}
if (!str_contains($_SERVER['REQUEST_URI'], '/installer')) {
header('Location: ' . $baseURL . '/installer');
exit;
}
}
$appEnv = $context['APP_ENV'] ?? 'dev';
$debug = (bool) ($context['APP_DEBUG'] ?? ($appEnv !== 'prod'));
$trustedProxies = $context['TRUSTED_PROXIES'] ?? false;
if ($trustedProxies) {
Request::setTrustedProxies(
explode(',', $trustedProxies),
Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO
);
}
$trustedHosts = $context['TRUSTED_HOSTS'] ?? false;
if ($trustedHosts) {
Request::setTrustedHosts(explode(',', $trustedHosts));
}
if (!file_exists(dirname(__DIR__) . '/install.lock')) {
header('Location: ' . $baseURL . '/installer');
exit;
}
}
$appEnv = $context['APP_ENV'] ?? 'dev';
$debug = (bool) ($context['APP_DEBUG'] ?? ($appEnv !== 'prod'));
$trustedProxies = $context['TRUSTED_PROXIES'] ?? false;
if ($trustedProxies) {
Request::setTrustedProxies(
explode(',', $trustedProxies),
Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO
);
}
$trustedHosts = $context['TRUSTED_HOSTS'] ?? false;
if ($trustedHosts) {
Request::setTrustedHosts(explode(',', $trustedHosts));
}
if (!file_exists(dirname(__DIR__) . '/install.lock')) {
$this->assertCount(5, $record['extra']);
$this->assertEquals($server['REQUEST_URI'], $record['extra']['url']);
$this->assertEquals($server['REMOTE_ADDR'], $record['extra']['ip']);
$this->assertEquals($server['REQUEST_METHOD'], $record['extra']['http_method']);
$this->assertEquals($server['SERVER_NAME'], $record['extra']['server']);
$this->assertEquals($server['HTTP_REFERER'], $record['extra']['referrer']);
}
public function testUseRequestClientIp()
{
Request::setTrustedProxies(['192.168.0.1'], Request::HEADER_X_FORWARDED_FOR);
[$event, $server] = $this->createRequestEvent(['X_FORWARDED_FOR' => '192.168.0.2']);
$processor = new WebProcessor();
$processor->onKernelRequest($event);
$record = $processor($this->getRecord());
$this->assertCount(5, $record['extra']);
$this->assertEquals($server['REQUEST_URI'], $record['extra']['url']);
$this->assertEquals($server['X_FORWARDED_FOR'], $record['extra']['ip']);
$this->assertEquals($server['REQUEST_METHOD'], $record['extra']['http_method']);
$this->assertEquals($server['SERVER_NAME'], $record['extra']['server']);
$this->assertEquals($server['REQUEST_URI'], $record['extra']['url']);
$this->assertEquals($server['REMOTE_ADDR'], $record['extra']['ip']);
$this->assertEquals($server['REQUEST_METHOD'], $record['extra']['http_method']);
$this->assertEquals($server['SERVER_NAME'], $record['extra']['server']);
$this->assertEquals($server['HTTP_REFERER'], $record['extra']['referrer']);
}
public function testUseRequestClientIp()
{
Request::setTrustedProxies(['192.168.0.1'], Request::HEADER_X_FORWARDED_FOR);
[$event, $server] = $this->createRequestEvent(['X_FORWARDED_FOR' => '192.168.0.2']);
$processor = new WebProcessor();
$processor->onKernelRequest($event);
$record = $processor($this->getRecord());
$this->assertCount(5, $record['extra']);
$this->assertEquals($server['REQUEST_URI'], $record['extra']['url']);
$this->assertEquals($server['X_FORWARDED_FOR'], $record['extra']['ip']);
$this->assertEquals($server['REQUEST_METHOD'], $record['extra']['http_method']);
$this->assertEquals($server['SERVER_NAME'], $record['extra']['server']);
$this->initializeBundles();
$this->initializeContainer();
$container = $this->container;
if ($container->hasParameter('kernel.trusted_hosts') && $trustedHosts = $container->getParameter('kernel.trusted_hosts')) {
Request::setTrustedHosts($trustedHosts);
}
if ($container->hasParameter('kernel.trusted_proxies') && $container->hasParameter('kernel.trusted_headers') && $trustedProxies = $container->getParameter('kernel.trusted_proxies')) {
Request::setTrustedProxies(\is_array($trustedProxies) ? $trustedProxies : array_map('trim', explode(',', $trustedProxies)), $container->getParameter('kernel.trusted_headers'));
}
return $container;
}
/** * Removes comments from a PHP source string. * * We don't use the PHP php_strip_whitespace() function * as we want the content to be readable and well-formatted. * * @deprecated since Symfony 6.4 without replacement */
$this->initializeContainer();
$container = $this->container;
if ($container->hasParameter('kernel.trusted_hosts') && $trustedHosts = $container->getParameter('kernel.trusted_hosts')) {
Request::setTrustedHosts($trustedHosts);
}
if ($container->hasParameter('kernel.trusted_proxies') && $container->hasParameter('kernel.trusted_headers') && $trustedProxies = $container->getParameter('kernel.trusted_proxies')) {
Request::setTrustedProxies(\is_array($trustedProxies) ? $trustedProxies : array_map('trim', explode(',', $trustedProxies)), $container->getParameter('kernel.trusted_headers'));
}
return $container;
}
/** * Removes comments from a PHP source string. * * We don't use the PHP php_strip_whitespace() function * as we want the content to be readable and well-formatted. * * @deprecated since Symfony 6.4 without replacement */
self::assertNull($stack->getMainRequest());
ob_start();
$response->send();
self::assertSame(Request::class, ob_get_clean());
self::assertNull($stack->getMainRequest());
}
public function testInconsistentClientIpsOnMainRequests()
{
$this->expectException(BadRequestHttpException::class);
$request = new Request();
$request->setTrustedProxies(['1.1.1.1'], Request::HEADER_X_FORWARDED_FOR | Request::HEADER_FORWARDED);
$request->server->set('REMOTE_ADDR', '1.1.1.1');
$request->headers->set('FORWARDED', 'for=2.2.2.2');
$request->headers->set('X_FORWARDED_FOR', '3.3.3.3');
$dispatcher = new EventDispatcher();
$dispatcher->addListener(KernelEvents::REQUEST, function D$event) {
$event->getRequest()->getClientIp();
});
$kernel = $this->getHttpKernel($dispatcher);
$kernel->handle($request, $kernel::MAIN_REQUEST, false);
ob_start();
$response->send();
self::assertSame(Request::class, ob_get_clean());
self::assertNull($stack->getMainRequest());
}
public function testInconsistentClientIpsOnMainRequests()
{
$this->expectException(BadRequestHttpException::class);
$request = new Request();
$request->setTrustedProxies(['1.1.1.1'], Request::HEADER_X_FORWARDED_FOR | Request::HEADER_FORWARDED);
$request->server->set('REMOTE_ADDR', '1.1.1.1');
$request->headers->set('FORWARDED', 'for=2.2.2.2');
$request->headers->set('X_FORWARDED_FOR', '3.3.3.3');
$dispatcher = new EventDispatcher();
$dispatcher->addListener(KernelEvents::REQUEST, function D$event) {
$event->getRequest()->getClientIp();
});
$kernel = $this->getHttpKernel($dispatcher);
$kernel->handle($request, $kernel::MAIN_REQUEST, false);