add trust proxy middleware

laravel · Mar 29, 2017 · e23a1d2 · e23a1d2 · tai1030 · Aug 30, 2017
1 parent 864a829
commit e23a1d2
Show file tree

Hide file tree

Showing 6 changed files with 41 additions and 10 deletions.
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
@@ -18,6 +18,7 @@ class Kernel extends HttpKernel
         \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
         \App\Http\Middleware\TrimStrings::class,
         \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
+        \App\Http\Middleware\TrustProxies::class,
     ];
 
     /**

diff --git a/app/Http/Middleware/EncryptCookies.php b/app/Http/Middleware/EncryptCookies.php
@@ -2,9 +2,9 @@
 
 namespace App\Http\Middleware;
 
-use Illuminate\Cookie\Middleware\EncryptCookies as BaseEncrypter;
+use Illuminate\Cookie\Middleware\EncryptCookies as Middleware;
 
-class EncryptCookies extends BaseEncrypter
+class EncryptCookies extends Middleware
 {
     /**
      * The names of the cookies that should not be encrypted.

diff --git a/app/Http/Middleware/TrimStrings.php b/app/Http/Middleware/TrimStrings.php
@@ -2,9 +2,9 @@
 
 namespace App\Http\Middleware;
 
-use Illuminate\Foundation\Http\Middleware\TrimStrings as BaseTrimmer;
+use Illuminate\Foundation\Http\Middleware\TrimStrings as Middleware;
 
-class TrimStrings extends BaseTrimmer
+class TrimStrings extends Middleware
 {
     /**
      * The names of the attributes that should not be trimmed.

diff --git a/app/Http/Middleware/TrustProxies.php b/app/Http/Middleware/TrustProxies.php
@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Http\Request;
+use Fideloper\Proxy\TrustProxies as Middleware;
+
+class TrustProxies extends Middleware
+{
+    /**
+     * The trusted proxies for the application.
+     *
+     * @var array
+     */
+    protected $proxies;
+
+    /**
+     * The proxy header mappings.
+     *
+     * @var array
+     */
+    protected $headers = [
+        Request::HEADER_FORWARDED => 'FORWARDED',
+        Request::HEADER_CLIENT_IP => 'X_FORWARDED_FOR',
+        Request::HEADER_CLIENT_HOST => 'X_FORWARDED_HOST',
+        Request::HEADER_CLIENT_PORT => 'X_FORWARDED_PORT',
+        Request::HEADER_CLIENT_PROTO => 'X_FORWARDED_PROTO',
+    ];
+}
diff --git a/app/Http/Middleware/VerifyCsrfToken.php b/app/Http/Middleware/VerifyCsrfToken.php
@@ -2,9 +2,9 @@
 
 namespace App\Http\Middleware;
 
-use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier;
+use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
 
-class VerifyCsrfToken extends BaseVerifier
+class VerifyCsrfToken extends Middleware
 {
     /**
      * The URIs that should be excluded from CSRF verification.

diff --git a/composer.json b/composer.json
@@ -5,14 +5,15 @@
     "license": "MIT",
     "type": "project",
     "require": {
-        "php": ">=5.6.4",
-        "laravel/framework": "5.4.*",
-        "laravel/tinker": "~1.0"
+        "php": ">=7.0.0",
+        "laravel/framework": "5.5.*",
+        "laravel/tinker": "~1.0",
+        "fideloper/proxy": "~3.3"
     },
     "require-dev": {
         "fzaninotto/faker": "~1.4",
         "mockery/mockery": "0.9.*",
-        "phpunit/phpunit": "~5.0"
+        "phpunit/phpunit": "~6.0"
     },
     "autoload": {
         "classmap": [