2 files changed: +22 -3 lines changed
@@ -22,7 +22,11 @@ Solution: ``setTrustedProxies()``
2222---------------------------------
2323
2424To fix this, you need to tell Symfony which reverse proxy IP addresses to trust
25- and what headers your reverse proxy uses to send information:
25+ and what headers your reverse proxy uses to send information.
26+
27+ You can do that by setting the ``SYMFONY_TRUSTED_PROXIES `` and ``SYMFONY_TRUSTED_HEADERS ``
28+ environment variables on your machine. Alternatively, you can configure them
29+ using the following configuration options:
2630
2731.. configuration-block ::
2832
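Review bot: The added paragraph (new lines 27-29) names ``SYMFONY_TRUSTED_PROXIES`` and ``SYMFONY_TRUSTED_HEADERS`` but gives no example value or format for either, and it does not say which source wins when both the environment variables and the configuration options below are set. These settings decide which proxies and forwarded headers Symfony trusts, so add a short example of each variable and one sentence on precedence. "on your machine" is also vague; wording such as "in the environment your application runs in" would cover containers and web server configuration.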
@@ -93,6 +97,11 @@ and what headers your reverse proxy uses to send information:
9397 ``private_ranges `` as a shortcut for private IP address ranges for the
9498 ``trusted_proxies `` option was introduced in Symfony 7.1.
9599
100+ .. versionadded :: 7.2
101+
102+ Support for the ``SYMFONY_TRUSTED_PROXIES `` and ``SYMFONY_TRUSTED_HEADERS ``
103+ environment variables was introduced in Symfony 7.2.
104+
96105.. caution ::
97106
98107 Enabling the ``Request::HEADER_X_FORWARDED_HOST `` option exposes the
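Review bot: The new ``versionadded:: 7.2`` block (new lines 100-103) sits directly above the caution about ``Request::HEADER_X_FORWARDED_HOST``, and that caution is worded only in terms of the option constant. Say whether the same caution applies when the header is enabled through ``SYMFONY_TRUSTED_HEADERS``, so that readers who configure trust through the environment variables do not pass over it.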
@@ -198,7 +198,12 @@ named ``kernel.http_method_override``.
198198trust_x_sendfile_type_header
199199~~~~~~~~~~~~~~~~~~~~~~~~~~~~
200200
201- **type **: ``boolean `` **default **: ``false ``
201+ **type **: ``boolean `` **default **: ``%env(bool:default::SYMFONY_TRUST_X_SENDFILE_TYPE_HEADER)% ``
202+
203+ .. versionadded :: 7.2
204+
205+ In Symfony 7.2, the default value of this option was changed from ``false `` to the
206+ value stored in the ``SYMFONY_TRUST_X_SENDFILE_TYPE_HEADER `` environment variable.
202207
203208``X-Sendfile `` is a special HTTP header that tells web servers to replace the
204209response contents by the file that is defined in that header. This improves
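Review bot: The note at new lines 203-206 says the default now comes from ``SYMFONY_TRUST_X_SENDFILE_TYPE_HEADER`` but not what the option resolves to when that variable is not set. State the effective value for that case in plain words rather than leaving readers to decode ``%env(bool:default::SYMFONY_TRUST_X_SENDFILE_TYPE_HEADER)%``, and list the values the variable accepts.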
@@ -450,7 +455,12 @@ in debug mode.
450455trusted_hosts
451456~~~~~~~~~~~~~
452457
453- **type **: ``array `` | ``string `` **default **: ``[] ``
458+ **type **: ``array `` | ``string `` **default **: ``['%env(default::SYMFONY_TRUSTED_HOSTS)%'] ``
459+
460+ .. versionadded :: 7.2
461+
462+ In Symfony 7.2, the default value of this option was changed from ``[] `` to the
463+ value stored in the ``SYMFONY_TRUSTED_HOSTS `` environment variable.
454464
455465A lot of different attacks have been discovered relying on inconsistencies
456466in handling the ``Host `` header by various software (web servers, reverse
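Review bot: The new default at line 458 is a one-element array built from ``SYMFONY_TRUSTED_HOSTS``, while the option's type is ``array | string``. The text does not say how several hosts are written in that single variable, or whether an unset variable behaves like the old ``[]`` default. Both matter for the ``Host`` header attacks the following paragraph describes, so add the value format and the unset behaviour to the note at lines 460-463.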