From 10f660d43087b2198c3789bebbd587d20ec6e956 Mon Sep 17 00:00:00 2001
From: Nicolas Grekas
Date: Tue, 31 Jul 2018 14:39:31 +0200
Subject: [PATCH] [HttpKernel] fix trusted headers management in HttpCache and InlineFragmentRenderer
---
 Request.php | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/Request.php b/Request.php
index 7f3426049..9cc6a9773 100644
--- a/Request.php
+++ b/Request.php
@@ -1944,6 +1944,11 @@ private function getTrustedValues($type, $ip = null)
 if (self::$trustedHeaders[self::HEADER_FORWARDED] && $this->headers->has(self::$trustedHeaders[self::HEADER_FORWARDED])) {
 $forwardedValues = $this->headers->get(self::$trustedHeaders[self::HEADER_FORWARDED]);
 $forwardedValues = preg_match_all(sprintf('{(?:%s)=(?:"?\[?)([a-zA-Z0-9\.:_\-/]*+)}', self::$forwardedParams[$type]), $forwardedValues, $matches) ? $matches[1] : array();
+ if (self::HEADER_CLIENT_PORT === $type) {
+ foreach ($forwardedValues as $k => $v) {
+ $forwardedValues[$k] = substr_replace($v, '0.0.0.0', 0, strrpos($v, ':'));
+ }
+ }
 }
 if (null !== $ip) {
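Review bot: In the added `foreach`, `strrpos($v, ':')` returns `false` when a matched value contains no colon, and that `false` goes straight into `substr_replace()` as the length. In weak typing mode it is presumably coerced to 0, so `0.0.0.0` is prepended to the value instead of replacing its host part. Make the missing-port case explicit, e.g. `if (false === $pos = strrpos($v, ':')) { unset($forwardedValues[$k]); continue; }` followed by `$forwardedValues[$k] = '0.0.0.0'.substr($v, $pos);`. Whether to drop the entry or substitute a default port depends on how these values are compared later in `getTrustedValues()`, whose body starts and ends outside this hunk. A bracketed IPv6 value deserves a test too: the pattern's character class excludes `]`, so the capture appears to stop before any port, and the last `:` would then sit inside the address.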