Skip to content

Commit db2cde9

Browse files
author
chorgues
committed
Added support for a Header to indicating the request has already been proxied though upward-php
1 parent 7d21e53 commit db2cde9

File tree

2 files changed

+28
-1
lines changed

2 files changed

+28
-1
lines changed

Plugin/Magento/Framework/App/AreaList.php

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,5 @@
11
<?php
2+
23
/**
34
* Copyright © Magento, Inc. All rights reserved.
45
* See COPYING.txt for license details.
@@ -10,10 +11,15 @@
1011
use Magento\Framework\App\Config\ScopeConfigInterface;
1112
use Magento\Framework\App\ObjectManager;
1213
use Magento\Store\Model\ScopeInterface;
14+
use Magento\Upward\Resolver\Proxy;
1315
use Magento\UpwardConnector\Api\UpwardPathManagerInterface;
1416

1517
class AreaList
1618
{
19+
public const UPWARD_HEADER = 'UpwardProxied';
20+
21+
public const UPWARD_ENV_HEADER = 'UPWARD_PHP_PROXY_HEADER';
22+
1723
/**
1824
* @var ScopeConfigInterface
1925
*/
@@ -56,7 +62,6 @@ public function afterGetCodeByFrontName(
5662
$result,
5763
$frontName
5864
) {
59-
6065
if ($result !== 'frontend') {
6166
return $result;
6267
}
@@ -73,6 +78,14 @@ public function afterGetCodeByFrontName(
7378
) ?? ''
7479
);
7580

81+
$request = new \Laminas\Http\PhpEnvironment\Request();
82+
$upwardProxyEnv = getenv(self::UPWARD_ENV_HEADER);
83+
84+
/** $upwardProxyEnv needs to be truthy because getenv returns "false" if it didn't find it */
85+
if ($upwardProxyEnv && $request->getHeader(self::UPWARD_HEADER) === $upwardProxyEnv) {
86+
return $result;
87+
}
88+
7689
if ($frontName && in_array($frontName, $frontNamesToSkip)) {
7790
return $result;
7891
}

README.md

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,20 @@ The Magento 2 UPWARD connector has additional settings that can be configured in
1919

2020
These are the configurations for the UPWARD process itself.
2121

22+
#### UPWARD Environment variable
23+
24+
This environment variable is meant to allow a secure way for Magento2 to distinguish a request which went through the UPWARD Proxy, and a "natural" request.
25+
26+
```
27+
# bash
28+
export UPWARD_PHP_PROXY_HEADER='arbitrary_security_string' # preferably random, unique and longer than 16 characters
29+
30+
# nginx conf
31+
fastcgi_param UPWARD_PHP_PROXY_HEADER "arbitrary_security_string";
32+
33+
```
34+
35+
2236
#### UPWARD Config File
2337

2438
This configuration is the location of the UPWARD configuration file for the UPWARD-PHP server.

0 commit comments

Comments
 (0)