57 lines
1.9 KiB
PHP
57 lines
1.9 KiB
PHP
<?php
|
|
|
|
use Illuminate\Http\Request;
|
|
|
|
return [
|
|
/*
|
|
* Set trusted proxy IP addresses.
|
|
*
|
|
* Both IPv4 and IPv6 addresses are
|
|
* supported, along with CIDR notation.
|
|
*
|
|
* The "*" character is syntactic sugar
|
|
* within TrustedProxy to trust any proxy
|
|
* that connects directly to your server,
|
|
* a requirement when you cannot know the address
|
|
* of your proxy (e.g. if using Rackspace balancers).
|
|
*
|
|
* The "**" character is syntactic sugar within
|
|
* TrustedProxy to trust not just any proxy that
|
|
* connects directly to your server, but also
|
|
* proxies that connect to those proxies, and all
|
|
* the way back until you reach the original source
|
|
* IP. It will mean that $request->getClientIp()
|
|
* always gets the originating client IP, no matter
|
|
* how many proxies that client's request has
|
|
* subsequently passed through.
|
|
*/
|
|
'proxies' => in_array(env('TRUSTED_PROXIES', []), ['*', '**']) ?
|
|
env('TRUSTED_PROXIES') : explode(',', env('TRUSTED_PROXIES', null)),
|
|
|
|
/*
|
|
* Or, to trust all proxies that connect
|
|
* directly to your server, uncomment this:
|
|
*/
|
|
// 'proxies' => '*',
|
|
|
|
/*
|
|
* Or, to trust ALL proxies, including those that
|
|
* are in a chain of forwarding, uncomment this:
|
|
*/
|
|
// 'proxies' => '**',
|
|
|
|
/*
|
|
* Default Header Names
|
|
*
|
|
* Change these if the proxy does
|
|
* not send the default header names.
|
|
*
|
|
* Note that headers such as X-Forwarded-For
|
|
* are transformed to HTTP_X_FORWARDED_FOR format.
|
|
*
|
|
* The following are Symfony defaults, found in
|
|
* \Symfony\Component\HttpFoundation\Request::$trustedHeaders
|
|
*/
|
|
'headers' => \Illuminate\Http\Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_HOST | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO | Request::HEADER_X_FORWARDED_AWS_ELB,
|
|
];
|